<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta name="generator" content="HTML Tidy, see www.w3.org">
    <title>FreeBSD/alpha 5.0-DP2 Release Notes</title>
    <meta name="GENERATOR" content=
    "Modular DocBook HTML Stylesheet Version 1.73 ">
    <link rel="STYLESHEET" type="text/css" href="docbook.css">
  </head>

  <body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link=
  "#0000FF" vlink="#840084" alink="#0000FF">
    <div class="ARTICLE">
      <div class="TITLEPAGE">
        <h1 class="TITLE"><a name="AEN2">FreeBSD/alpha 5.0-DP2
        Release Notes</a></h1>

        <h3 class="CORPAUTHOR">The FreeBSD Project</h3>

        <p class="COPYRIGHT">Copyright &copy; 2000, 2001, 2002 by
        The FreeBSD Documentation Project</p>

        <p class="PUBDATE">$FreeBSD:
        src/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml,v
        1.452 2002/11/14 17:59:11 bmah Exp $<br>
        </p>

        <div>
          <div class="ABSTRACT">
            <a name="AEN11"></a>

            <p>The release notes for FreeBSD 5.0-DP2 contain a
            summary of recent changes made to the FreeBSD base
            system on the 5-CURRENT development branch. Both
            changes for kernel and userland are listed, as well as
            applicable security advisories that were issued since
            the last release. Some brief remarks on upgrading are
            also presented.</p>
          </div>
        </div>
        <hr>
      </div>

      <div class="TOC">
        <dl>
          <dt><b>Table of Contents</b></dt>

          <dt>1 <a href="#AEN13">Introduction</a></dt>

          <dt>2 <a href="#AEN18">What's New</a></dt>

          <dd>
            <dl>
              <dt>2.1 <a href="#KERNEL">Kernel Changes</a></dt>

              <dd>
                <dl>
                  <dt>2.1.1 <a href="#AEN387">Processor/Motherboard
                  Support</a></dt>

                  <dt>2.1.2 <a href="#AEN425">Bootloader
                  Changes</a></dt>

                  <dt>2.1.3 <a href="#AEN447">Network Interface
                  Support</a></dt>

                  <dt>2.1.4 <a href="#AEN707">Network
                  Protocols</a></dt>

                  <dt>2.1.5 <a href="#AEN883">Disks and
                  Storage</a></dt>

                  <dt>2.1.6 <a href="#AEN1103">Filesystems</a></dt>

                  <dt>2.1.7 <a href="#AEN1188">PCCARD
                  Support</a></dt>

                  <dt>2.1.8 <a href="#AEN1211">Multimedia
                  Support</a></dt>

                  <dt>2.1.9 <a href="#AEN1242">Contributed
                  Software</a></dt>
                </dl>
              </dd>

              <dt>2.2 <a href="#SECURITY">Security-Related
              Changes</a></dt>

              <dt>2.3 <a href="#USERLAND">Userland Changes</a></dt>

              <dd>
                <dl>
                  <dt>2.3.1 <a href="#AEN3790">Contributed
                  Software</a></dt>

                  <dt>2.3.2 <a href="#AEN4249">Ports/Packages
                  Collection Infrastructure</a></dt>
                </dl>
              </dd>

              <dt>2.4 <a href="#AEN4361">Release Engineering and
              Integration</a></dt>

              <dt>2.5 <a href="#AEN4386">Documentation</a></dt>
            </dl>
          </dd>

          <dt>3 <a href="#AEN4434">Upgrading from previous releases
          of FreeBSD</a></dt>
        </dl>
      </div>

      <div class="SECT1">
        <hr>

        <h1 class="SECT1"><a name="AEN13">1 Introduction</a></h1>

        <p>This document contains the release notes for FreeBSD
        5.0-DP2 on the Alpha/AXP hardware platform. It describes
        recently added, changed, or deleted features of FreeBSD. It
        also provides some notes on upgrading from previous
        versions of FreeBSD.</p>

        <p>The snapshot distribution to which these release notes
        apply represents a point along the 5-CURRENT development
        branch between 4.0-RELEASE and the future 5.0-RELEASE. Some
        pre-built, binary snapshot distributions along this branch
        can be found at <a href="http://snapshots.jp.FreeBSD.org/"
        target="_top">http://snapshots.jp.FreeBSD.org/</a>.</p>
      </div>

      <div class="SECT1">
        <hr>

        <h1 class="SECT1"><a name="AEN18">2 What's New</a></h1>

        <p>This section describes many of the user-visible new or
        changed features in FreeBSD since 4.0-RELEASE. It includes
        items that are unique to the 5-CURRENT branch, as well as
        some features that may have been recently merged to other
        branches (after FreeBSD 4.6-RELEASE). The later items are
        marked as [MERGED].</p>

        <p>Typical release note items document new drivers or
        hardware support, new commands or options, major bugfixes,
        or contributed software upgrades. Applicable security
        advisories issued after 4.0-RELEASE are also listed.</p>

        <p>Many additional changes were made to FreeBSD that are
        not listed here for lack of space. For example,
        documentation was corrected and improved, minor bugs were
        fixed, insecure coding practices were audited and
        corrected, and source code was cleaned up.</p>

        <div class="SECT2">
          <hr>

          <h2 class="SECT2"><a name="KERNEL">2.1 Kernel
          Changes</a></h2>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=acct&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">acct</span>(2)</span></a> has been
          changed to open the accounting file in append mode, so
          that <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=accton&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">accton</span>(8)</span></a> can be used
          to enable accounting to an append-only file. [MERGED]</p>

          <p>A new in-kernel cryptographic framework (see <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=crypto&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">crypto</span>(4)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=crypto&sektion=9&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">crypto</span>(9)</span></a>) has been
          imported from OpenBSD. It provides a consistent interface
          to hardware and software implementations of cryptographic
          algorithms for use by the kernel and access to
          cryptographic hardware for user-mode applications.
          Hardware device drivers are provided to support
          hifn-based cards (<a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=hifn&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">hifn</span>(4)</span></a>) and
          Broadcom-based cards (<a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ubsec&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ubsec</span>(4)</span></a>).</p>

          <p>A new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ddb&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ddb</span>(4)</span></a> command <tt
          class="COMMAND">show pcpu</tt> lists some of the per-CPU
          data.</p>

          <p>A <tt class="FILENAME">devctl</tt> device has been
          added to allow userland programs to learn when devices
          come and go in the device tree (different from the XXX).
          This facility is primariliy used by the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devd</span>(8)</span></a> utility.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devfs</span>(5)</span></a>, which allows
          entries in the <tt class="FILENAME">/dev</tt> directory
          to be built automatically and supports more flexible
          attachment of devices, has been largely reworked. <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devfs</span>(5)</span></a> is now enabled
          by default and can be disabled by the <tt class=
          "LITERAL">NODEVFS</tt> kernel option.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devfs</span>(5)</span></a> ``rule''
          subsystem has been introduced. DEVFS rules permit the
          administrator to define certain properties of new device
          nodes before they become visible to the userland. Both
          static (e.g. <tt class="FILENAME">/dev/speaker</tt>) and
          dynamic (e.g. <tt class="FILENAME">/dev/bpf*</tt>, some
          removable devices) nodes are supported. Each <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devfs</span>(5)</span></a> mount may have
          a different ruleset assigned to it, permitting different
          policies to be implemented for things like jails. Rules
          and rulesets are manipulated with the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devfs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devfs</span>(8)</span></a> utility.</p>

          <p>The dgm driver has been removed in favor of the digi
          driver.</p>

          <p>A new digi driver has been added to support PCI
          Xr-based and ISA Xem Digiboard cards. A new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=digictl&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">digictl</span>(8)</span></a> program is
          (mainly) used to re-initialize cards that have external
          port modules attached such as the PC/Xem.</p>

          <p>An <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=eaccess&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">eaccess</span>(2)</span></a> system call
          has been added, similar to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=access&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">access</span>(2)</span></a> except that
          the former uses effective credentials rather than real
          credentials.</p>

          <p>Each <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">jail</span>(2)</span></a> environment can
          now run under its own securelevel.</p>

          <p>The tunable sysctl variables for <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=jail&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">jail</span>(2)</span></a> have moved from
          <tt class="VARNAME">jail.*</tt> to the <tt class=
          "VARNAME">security.*</tt> hierarchy. Other
          security-related sysctl variables have moved from <tt
          class="VARNAME">kern.security.*</tt> to <tt class=
          "VARNAME">security.*</tt>.</p>

          <p>The kernel environment is now dynamic, and can be
          changed via the new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=kenv&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">kenv</span>(2)</span></a> system
          call.</p>

          <p>The labpc(4) driver has been removed due to
          ``bitrot''.</p>

          <p>The loader and kernel linker now look for files named
          <tt class="FILENAME">linker.hints</tt> in each directory
          with KLDs for a module name and version to KLD filename
          mapping. The new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=kldxref&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">kldxref</span>(8)</span></a> utility is
          used to generate these files.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=lomac&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">lomac</span>(4)</span></a>, a
          Low-Watermark Mandatory Access Control security facility,
          has been added as a kernel module. It provides a drop-in
          security mechanism in addition to the traditional
          UID-based security facilities, requiring no additional
          configuration from the administrator. Work on this
          feature was sponsored by DARPA and NAI Labs.</p>

          <p>FreeBSD now supports an extensible Mandatory Access
          Control framework, the TrustedBSD MAC Framework. It
          permits loadable kernel modules to link to the kernel at
          compile-time, boot-time, or run-time, and augment the
          system security policy. The framework permits modules to
          express interest in a variety of events, and also
          provides common security policy services such as label
          storage. A variety of sample policy modules are shipped
          in this release, including implementations of fixed and
          floating label Biba integrity models, Multi-Level
          Security (MLS) with compartments, and a number of
          augmented UNIX security models including a file system
          firewall. This feature will permit easier development and
          maintenance of local and vendor security extensions. The
          extensibility service is enabled by adding <tt class=
          "LITERAL">options MAC</tt> to the kernel
          configuration.</p>

          <div class="NOTE">
            <blockquote class="NOTE">
              <p><b>Note:</b> The MAC framework is considered an
              experimental feature in this release, and is not
              enabled by default</p>
            </blockquote>
          </div>
          <br>
          <br>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mutex&sektion=9&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mutex</span>(9)</span></a> profiling code
          has been added, enabled by the <tt class=
          "LITERAL">MUTEX_PROFILING</tt> kernel configuration
          option. It enables the <tt class=
          "VARNAME">debug.mutex.prof.*</tt> hierarchy of sysctl
          variables.</p>

          <p>The <tt class="LITERAL">P1003_1B</tt> kernel option is
          no longer used and has been removed.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=random&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">random</span>(4)</span></a> device has
          been rewritten to use the <b class=
          "APPLICATION">Yarrow</b> algorithm. It harvests entropy
          from a variety of interrupt sources, including the
          console devices, Ethernet and point-to-point network
          interfaces, and mass-storage devices. Entropy from the <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=random&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">random</span>(4)</span></a> device is now
          periodically saved to files in <tt class=
          "FILENAME">/var/db/entropy</tt>, as well as at shutdown
          time. The semantics of <tt class=
          "FILENAME">/dev/random</tt> have changed; it never blocks
          waiting for entropy bits but generates a stream of
          pseudo-random data and now behaves exactly as <tt class=
          "FILENAME">/dev/urandom</tt>.</p>

          <p>A new kernel option, <tt class="LITERAL">options
          REGRESSION</tt>, enables interfaces and functionality
          intended for use during correctness and regression
          testing.</p>

          <p><tt class="LITERAL">RLIMIT_VMEM</tt> support has been
          added. This feature defines a new resource limit that
          covers a process's entire virtual memory space, including
          <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mmap&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mmap</span>(2)</span></a> space. This
          limit can be configured in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=login.conf&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">login.conf</span>(5)</span></a> via the
          new <tt class="VARNAME">vmemoryuse</tt> variable.
          [MERGED]</p>

          <p>A bug in the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sendfile&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sendfile</span>(2)</span></a> system
          call, in which headers counted against the size of the
          file to be sent, has been fixed. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=syscons&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">syscons</span>(4)</span></a> driver now
          supports keyboard-controlled pasting, by default bound to
          <b class="KEYCAP">Shift</b>-<b class=
          "KEYCAP">Insert</b>.</p>

          <p>The uaudio driver, for USB audio devices, has been
          added. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ucom&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ucom</span>(4)</span></a> device driver
          has been added, to support USB modems, serial devices,
          and other programs that need to look like a tty. The
          related <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uplcom&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uplcom</span>(4)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uvscom&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uvscom</span>(4)</span></a> drivers
          provide specific support for the Prolific PL-2303 serial
          adapter and the SUNTAC Slipper U VS-10U, respectively.
          [MERGED]</p>

          <p>To increase security, the <tt class=
          "LITERAL">UCONSOLE</tt> kernel configuration option has
          been removed.</p>

          <p>The <tt class="LITERAL">USER_LDT</tt> kernel option is
          now activated by default.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uvisor&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uvisor</span>(4)</span></a> driver for
          connecting Handspring Visors via USB has been added.
          [MERGED]</p>

          <p>A VESA S3 linear framebuffer driver has been
          added.</p>

          <p>The kernel crashdump infrastructure has been revised,
          to support new platforms and in general clean up the
          logic in the code. One implication of this change is that
          the on-disk format for kernel dumps has changed, and is
          now byte-order-agnostic.</p>

          <p>Extremely large swap areas (&gt;67 GB) no longer panic
          the system.</p>

          <p>Support for threads under Linux emulation has been
          added.</p>

          <p>Linker sets are now self-contained; gensetdefs(8) is
          unnecessary and has been removed.</p>

          <p>It is now possible to hardwire kernel environment
          variables (such as tuneables) at compile-time using <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=config&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">config</span>(8)</span></a>'s <tt class=
          "LITERAL">ENV</tt> directive.</p>

          <p>Idle zeroing of pages can be enabled with the <tt
          class="VARNAME">vm.idlezero_enable</tt> sysctl
          variable.</p>

          <p>The FreeBSD kernel scheduler now supports
          Kernel-Scheduled Entities (KSEs), which provides support
          for multiple threads of execution per process similar to
          Scheduler Activations. At this point, the kernel has most
          of the changes needed to support threading. The kernel
          scheduler can schedule multiple threads per process, but
          only on a single CPU at a time. More information can be
          found in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=kse&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">kse</span>(2)</span></a>.</p>

          <div class="NOTE">
            <blockquote class="NOTE">
              <p><b>Note:</b> KSE is a work in progress.</p>
            </blockquote>
          </div>
          <br>
          <br>

          <p>The kernel now has support for multiple low-level
          console devices. The new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=conscontrol&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">conscontrol</span>(8)</span></a> utility
          helps to manage the different consoles.</p>

          <p>The console driver has gained support for TGA-based
          display adapters.</p>

          <p>The kernel memory allocator is now a slab memory
          allocator, similar to that used in Solaris. This is a
          SMP-safe memory allocator that has near-linear
          performance as the number of CPUs increases. It also
          allows for reduced memory fragmentation.</p>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN387">2.1.1
            Processor/Motherboard Support</a></h3>

            <p>SMP support has been largely reworked, incorporating
            code from BSD/OS 5.0. One of the main features of SMPng
            (``SMP Next Generation'') is to allow more processes to
            run in kernel, without the need for spin locks that can
            dramatically reduce the efficiency of multiple
            processors. Interrupt handlers now have contexts
            associated with them that allow them to be blocked,
            which reduces the need to lock out interrupts.</p>

            <p>The API UP1100 mainboard has been verified to
            work.</p>

            <p>The API CS20 1U high server has been verified to
            work.</p>

            <p>Support for AlphaServer 2100A (``Lynx'') has been
            added.</p>

            <p>Kernel code has been added that allows older
            generation Alpha CPUs (EV4 and EV5) to emulate
            instructions of the newer Alpha CPU generations. This
            enables the use of binary-only programs like <b class=
            "APPLICATION">Adobe Acrobat 4</b> on EV4 and EV5.</p>

            <p>SMP support for the Alpha is now operational.</p>

            <p>Support for the following hardware has been removed
            from the installation kernel to make it fit on a 1.44MB
            floppy again: Multia, NoName, PC64, EB64, Aspen Alpine,
            sa (SCSI tape), amr, parallel port support, vx (3c590,
            3c595), pcn (AMD Am79C97x PCI 10/100), sf (Adaptec
            AIC-6915), sis (SiS 900/SiS 7016), ste (Sundance ST201
            (D-Link DFE-550TX)), wb (Winbond W89C840F).</p>

            <p>Support for TurboChannel Alphas has been
            removed.</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN425">2.1.2 Bootloader
            Changes</a></h3>

            <p>The kernel and modules have been moved to the
            directory <tt class="FILENAME">/boot/kernel</tt>, so
            they can be easily manipulated together. The boot
            loader has been updated to make this change as seamless
            as possible.</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN447">2.1.3 Network
            Interface Support</a></h3>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=dc&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">dc</span>(4)</span></a> driver now
            supports NICs based on the Xircom 3201 and Conexant
            LANfinity RS7112 chips.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ed&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ed</span>(4)</span></a> driver is now
            supported.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=stf&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">stf</span>(4)</span></a> device is now
            clonable.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=tx&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">tx</span>(4)</span></a> driver now
            supports true multicast filtering.</p>

            <p>Network devices now automatically appear as special
            files in <tt class="FILENAME">/dev/net</tt>. Interface
            hardware ioctls (not protocol or routing) can be
            performed on these devices. The <tt class=
            "VARNAME">SIOCGIFCONF</tt> ioctl may be performed on
            the special <tt class="FILENAME">/dev/network</tt>
            node.</p>

            <p>``Zero copy'' support has been added to the
            networking stack. This feature can eliminate a copy of
            network data between the kernel and userland, which is
            one of the more significant bottlenecks in network
            throughput. The send-side code should work with almost
            any network adapter, while the receive-side code
            requires a network adapter with an MTU of at least one
            memory page size (for example, jumbo frames on Gigabit
            Ethernet). For more information, see <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=zero_copy&sektion=9&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">zero_copy</span>(9)</span></a>.</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN707">2.1.4 Network
            Protocols</a></h3>

            <p>A <tt class="LITERAL">FAST_IPSEC</tt> kernel option
            now allows the IPsec implementation to use the kernel
            crypo framework, along with its support for hardware
            cryptographic acceleration.</p>

            <div class="NOTE">
              <blockquote class="NOTE">
                <p><b>Note:</b> The <tt class=
                "LITERAL">FAST_IPSEC</tt> and <tt class=
                "LITERAL">IPSEC</tt> options are mutually
                exclusive.</p>
              </blockquote>
            </div>

            <div class="NOTE">
              <blockquote class="NOTE">
                <p><b>Note:</b> The <tt class=
                "LITERAL">FAST_IPSEC</tt> option is, at the moment,
                not compatible with IPv6 or the <tt class=
                "LITERAL">INET6</tt> option.</p>
              </blockquote>
            </div>
            <br>
            <br>

            <p>A <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=gre&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">gre</span>(4)</span></a> driver, which
            can encapsulate IP packets using GRE (RFC 1701) or
            minimal IP encapsulation for Mobile IP (RFC 2004), has
            been added.</p>

            <p>ICMP ECHO and TSTAMP replies are now rate limited.
            TCP RSTs generated due to packets sent to open and
            unopen ports are now limited by separate counters. Each
            rate limiting queue now has its own description.</p>

            <p>IP multicast now works on VLAN devices. Several
            other bugs in the VLAN code have also been fixed.</p>

            <p><a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ipfw</span>(4)</span></a> has been
            re-implemented (the new version is commonly referred to
            as ``IPFW2''). It now uses variable-sized
            representation of rules in the kernel, similar to <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=bpf&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">bpf</span>(4)</span></a> instructions.
            Most of the externally-visible behavior (i.e. through
            <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ipfw</span>(8)</span></a>) should be
            unchanged., although <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ipfw</span>(8)</span></a> now supports
            <tt class="LITERAL">or</tt> connectives between match
            fields. [MERGED]</p>

            <p>A new <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ng_device&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ng_device</span>(4)</span></a> netgraph
            node type has been added, which creates a device entry
            in <tt class="FILENAME">/dev</tt>, to be used as the
            entry point to a networking graph.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ng_gif&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ng_gif</span>(4)</span></a> and <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ng_gif_demux&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ng_gif_demux</span>(4)</span></a>
            netgraph nodes, for operating on <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=gif&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">gif</span>(4)</span></a> devices, have
            been added.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ng_ip_input&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ng_ip_input</span>(4)</span></a>
            netgraph node, for queueing IP packets into the main IP
            input processing code, has been added.</p>

            <p>A new <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ng_l2tp&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ng_l2tp</span>(4)</span></a> netgraph
            node type, which implements the encapsulation layer of
            the L2TP protocol as described in RFC 2661, has been
            added. [MERGED]</p>

            <p>A new ng_split node type has been added for
            splitting a bidirectional packet flow into two
            unidirectional flows.</p>

            <p>SLIP has been removed from the <tt class=
            "FILENAME">mfsroot</tt> floppy image.</p>

            <p>The ephemeral port range used for TCP and UDP has
            been changed to 49152-65535 (the old default was
            1024-5000). This increases the number of concurrent
            outgoing connections/streams.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=tcp&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">tcp</span>(4)</span></a> protocol's
            retransmission timer can now be manipulated with two
            sysctl variables, <tt class=
            "VARNAME">net.inet.tcp.rexmit_min</tt> and <tt class=
            "VARNAME">net.inet.tcp.rexmit_slop</tt>. The default
            has been reduced from one second to 200ms (similar to
            the Linux default) in order to better handle hicups
            over interactive connections and improve recovery over
            lossy fast connections such as wireless links.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=tcp&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">tcp</span>(4)</span></a> protocol now
            has the ability to dynamically limit the send-side
            window to maximize bandwidth and minimize round trip
            times. The feature can be enabled via the <tt class=
            "VARNAME">net.inet.tcp.inflight_enable</tt> sysctl.
            [MERGED]</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN883">2.1.5 Disks and
            Storage</a></h3>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ata</span>(4)</span></a> driver (along
            with <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=burncd&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">burncd</span>(8)</span></a>) now
            supports writing to media in DVD+RW drives.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ata</span>(4)</span></a> driver now
            supports accessing ATA devices as SCSI devices via the
            CAM layer and drivers (<a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=cd&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">cd</span>(4)</span></a>, <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=da&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">da</span>(4)</span></a>, <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=st&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">st</span>(4)</span></a>, and <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=pass&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">pass</span>(4)</span></a>). This
            feature requires <tt class="LITERAL">device
            atapicam</tt> in the kernel configuration. More
            information can be found in <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=atapicam&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">atapicam</span>(4)</span></a>.
            [MERGED]</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ata&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ata</span>(4)</span></a> driver now has
            support for the Sil 0680 and VIA 8233/8235 controllers.
            [MERGED]</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=cd&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">cd</span>(4)</span></a> driver now
            supports the same <tt class=
            "LITERAL">CDRIOCREADSPEED</tt> and <tt class=
            "LITERAL">CDRIOCWRITESPEED</tt> ioctls that the <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=acd&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">acd</span>(4)</span></a> driver uses
            for setting the speed of CDROM access.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=fdc&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">fdc</span>(4)</span></a> floppy disk
            has undergone a number of enhancements. Density
            selection for common settings is now automatic; the
            driver is also much more flexible in setting the
            densities of various subdevices.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=geom&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">geom</span>(4)</span></a> disk I/O
            request transformation framework has been added; this
            extensible framework is designed to support a wide
            variety of operations on I/O requests on their way from
            the upper kernel to the device drivers.</p>

            <div class="NOTE">
              <blockquote class="NOTE">
                <p><b>Note:</b> GEOM-enabled kernels no longer
                support ``compatability slices''. This feature
                (supported on the i386 and pc98 only) allowed a
                user to refer to a disk partition without
                specifying an MBR slice (e.g. <tt class=
                "FILENAME">/dev/ad0a</tt>); the kernel would
                automatically find the first applicable FreeBSD
                slice and use it. On GEOM kernels, only the full
                partition names (e.g. <tt class=
                "FILENAME">/dev/ad0s1a</tt>) are allowed when
                referring to partitions within MBR slices. This
                change should affect very few users.</p>
              </blockquote>
            </div>
            <br>
            <br>

            <p>A GEOM Based Disk Encryption module has been added.
            It provides denial of access to ``cold disks'', with
            four different cryptographic barriers and up to four
            changeable pass-phrases. Much more information can be
            found in the <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=gbde&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">gbde</span>(4)</span></a> manual page.
            The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=gbde&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">gbde</span>(8)</span></a> userland
            utility provides an operation and management interface
            to this module. This feature is not enabled by default;
            it requires <tt class="LITERAL">options GEOM_BDE</tt>
            to be added to a kernel configuration file.</p>

            <div class="NOTE">
              <blockquote class="NOTE">
                <p><b>Note:</b> This feature should be considered
                experimental.</p>
              </blockquote>
            </div>
            <br>
            <br>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=isp&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">isp</span>(4)</span></a> driver is now
            proactive about discovering Fibre Channel topology
            changes.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=isp&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">isp</span>(4)</span></a> driver now
            supports target mode for Qlogic SCSI cards, including
            Ultra2 and Ultra3 and dual bus cards.</p>

            <p><a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=md&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">md</span>(4)</span></a>, the memory
            disk device, has had the functionality of <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=vn&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">vn</span>(4)</span></a> incorporated
            into it. <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=md&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">md</span>(4)</span></a> devices can now
            be configured by <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=mdconfig&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">mdconfig</span>(8)</span></a>. <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=vn&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">vn</span>(4)</span></a> has been
            removed. The Memory Filesystem (MFS) has also been
            removed.</p>

            <p>The mpt driver, for supporting the LSI Logic
            Fusion/MP architecture Fiber Channel controllers, has
            been added. [MERGED]</p>

            <p>The RAIDframe disk driver has been imported from
            NetBSD. This driver provides software-based RAID 0, 1,
            4, and 5 capabilities, as well as other functionality.
            More information can be found in the <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=raid&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">raid</span>(4)</span></a> driver manual
            page. The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=raidctl&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">raidctl</span>(8)</span></a> utility is
            used to configure and unconfigure disk arrays. This
            feature is not enabled by default, and requires <tt
            class="LITERAL">device raidframe</tt> to be configured
            into a kernel.</p>

            <div class="NOTE">
              <blockquote class="NOTE">
                <p><b>Note:</b> This feature should be considered
                experimental.</p>
              </blockquote>
            </div>
            <br>
            <br>

            <p>Some problems in <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=sa&sektion=4&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">sa</span>(4)</span></a> error handling
            have been fixed, including the ``tape drive spinning
            indefinitely upon <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=mt&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">mt</span>(1)</span></a> <tt class=
            "OPTION">stat</tt>'' problem.</p>

            <p>The <tt class="VARNAME">SCSI_DELAY</tt>
            configuration parameter can now be set at boot time and
            runtime via the <tt class=
            "VARNAME">kern.cam.scsi_delay</tt> tunable/sysctl.</p>

            <p>The trm driver has been added to support SCSI
            adapters using the Tekram TRM-S1040 SCSI chipset.</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN1103">2.1.6
            Filesystems</a></h3>

            <p>Support for named extended attributes was added to
            the FreeBSD kernel. This allows the kernel, and
            appropriately privileged userland processes, to tag
            files and directories with attribute data. Extended
            attributes were added to support the TrustedBSD
            Project, in particular ACLs, capability data, and
            mandatory access control labels (see <tt class=
            "FILENAME">/usr/src/sys/ufs/ufs/README.extattr</tt> for
            details).</p>

            <p>A filesystem snapshot capability has been added to
            FFS. Details can be found in <tt class=
            "FILENAME">/usr/src/sys/ufs/ffs/README.snapshot</tt>.</p>

            <p>Softupdates for FFS have received some bug fixes and
            enhancements.</p>

            <p>When running with softupdates, <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=statfs&sektion=2&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">statfs</span>(2)</span></a> and <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=df&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">df</span>(1)</span></a> will track the
            number of blocks and files that are committed to being
            freed.</p>

            <p><a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=kernfs&sektion=5&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">kernfs</span>(5)</span></a> is obsolete
            and has been retired.</p>

            <p>Client-side NFS locks have been implemented.</p>

            <p>The client-side and server-side of the NFS code in
            the kernel used to be intertwined in various complex
            ways. They have been split apart for ease of
            maintenance and further development.</p>

            <p>Support for filesystem Access Control Lists (ACLs)
            has been introduced, allowing more fine-grained control
            of discretionary access control on files and
            directories. This support was integrated from the
            TrustedBSD Project. More details can be found in <tt
            class=
            "FILENAME">/usr/src/sys/ufs/ufs/README.acls</tt>.</p>

            <p>For consistency, the fdesc, fifo, null, msdos,
            portal, umap, and union filesystems have been renamed
            to fdescfs, fifofs, msdosfs, nullfs, portalfs, umapfs,
            and unionfs. Where applicable, modules and mount_*
            programs have been renamed. Compatibility ``glue'' has
            been added to <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=mount&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">mount</span>(8)</span></a> so that <tt
            class="LITERAL">msdos</tt> filesystem entries in <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=fstab&sektion=5&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">fstab</span>(5)</span></a> will work
            without changes.</p>

            <p>pseudofs, a pseudo-filesystem framework, has been
            added. <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=linprocfs&sektion=5&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">linprocfs</span>(5)</span></a> and <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">procfs</span>(5)</span></a> have been
            modified to use pseudofs.</p>

            <p>Network filesystems (such as NFS and smbfs
            filesystems) listed in <tt class=
            "FILENAME">/etc/fstab</tt> can now be properly mounted
            during startup initialization; their mounts are
            deferred until after the network is initialized.</p>

            <p>Read-only support for the Universal Disk Format
            (UDF) has been added. This format is used on
            packet-written CD-RWs and most commercial DVD-Video
            disks. The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=mount_udf&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">mount_udf</span>(8)</span></a> command
            can be used to mount these disks.</p>

            <p>Basic support has been added for the UFS2
            filesystem. Among its features:</p>

            <ul>
              <li>
                <p>The inode has been expanded to 256 bytes to make
                space for 64-bit block pointers.</p>
              </li>

              <li>
                <p>A file-creation time field has been added.</p>
              </li>

              <li>
                <p>A native extended attributes implementation has
                been added, permitting total attribute size stored
                on an inode to be up to twice the filesystem block
                size. This storage is used for Access Control Lists
                and MAC labels, but may also be used by other
                system extensions and user applications.</p>
              </li>
            </ul>
            <br>
            <br>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN1188">2.1.7 PCCARD
            Support</a></h3>

            <p>&#13;</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN1211">2.1.8 Multimedia
            Support</a></h3>

            <p>A new API has been added for sound cards with
            hardware volume control.</p>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN1242">2.1.9 Contributed
            Software</a></h3>

            <p>The Forth Inspired Command Language (<b class=
            "APPLICATION">FICL</b>) used in the boot loader has
            been updated to 3.02.</p>

            <p>Support for Advanced Configuration and Power
            Interface (ACPI), a multi-vendor standard for
            configuration and power management, has been added.
            This functionality has been provided by the <b class=
            "APPLICATION">Intel ACPI Component Architecture</b>
            project, as of the ACPI CA 20020815 snapshot. Some
            backward compatability for applications using the older
            APM standard has been provided.</p>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="AEN1248">2.1.9.1
              IPFilter</a></h4>

              <p><b class="APPLICATION">IPFilter</b> has been
              updated to 3.4.29. [MERGED]</p>
            </div>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="KAME-KERNEL">2.1.9.3
              KAME</a></h4>
            </div>
          </div>
        </div>

        <div class="SECT2">
          <hr>

          <h2 class="SECT2"><a name="SECURITY">2.2 Security-Related
          Changes</a></h2>

          <p>A bug in which malformed ELF executable images can
          hang the system has been fixed (see security advisory
          FreeBSD-SA-00:41). [MERGED]</p>

          <p>A security hole in Linux emulation was fixed (see
          security advisory FreeBSD-SA-00:42). [MERGED]</p>

          <p>TCP now uses stronger randomness in choosing its
          initial sequence numbers (see security advisory
          FreeBSD-SA-00:52). [MERGED]</p>

          <p>Several buffer overflows in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tcpdump</span>(1)</span></a> were
          corrected (see security advisory FreeBSD-SA-00:61).
          [MERGED]</p>

          <p>A security hole in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=top&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">top</span>(1)</span></a> was corrected
          (see security advisory FreeBSD-SA-00:62). [MERGED]</p>

          <p>A potential security hole caused by an
          off-by-one-error in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=gethostbyname&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">gethostbyname</span>(3)</span></a> has
          been fixed (see security advisory FreeBSD-SA-00:63).
          [MERGED]</p>

          <p>A potential buffer overflow in the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ncurses&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ncurses</span>(3)</span></a> library,
          which could cause arbitrary code to be run from within <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=systat&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">systat</span>(1)</span></a>, has been
          corrected (see security advisory FreeBSD-SA-00:68).
          [MERGED]</p>

          <p>A vulnerability in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=telnetd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">telnetd</span>(8)</span></a> that could
          cause it to consume large amounts of server resources has
          been fixed (see security advisory FreeBSD-SA-00:69).
          [MERGED]</p>

          <p>The <tt class="LITERAL">nat deny_incoming</tt> command
          in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ppp&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ppp</span>(8)</span></a> now works
          correctly (see security advisory FreeBSD-SA-00:70).
          [MERGED]</p>

          <p>A vulnerability in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=csh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">csh</span>(1)</span></a>/<a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tcsh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tcsh</span>(1)</span></a> temporary files
          that could allow overwriting of arbitrary user-writable
          files has been closed (see security advisory
          FreeBSD-SA-00:76). [MERGED]</p>

          <p>Several vulnerabilities in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">procfs</span>(5)</span></a> were fixed
          (see security advisory FreeBSD-SA-00:77). [MERGED]</p>

          <p>A bug in <b class="APPLICATION">OpenSSH</b> in which a
          server was unable to disable <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-agent&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ssh-agent</span>(1)</span></a> or <tt
          class="LITERAL">X11Forwarding</tt> was fixed (see
          security advisory FreeBSD-SA-01:01). [MERGED]</p>

          <p>A bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ipfw</span>(8)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ip6fw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ip6fw</span>(8)</span></a> in which
          inbound TCP segments could incorrectly be treated as
          being part of an <tt class="LITERAL">established</tt>
          connection has been fixed (see security advisory
          FreeBSD-SA-01:08). [MERGED]</p>

          <p>A bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=crontab&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">crontab</span>(1)</span></a> that could
          allow users to read any file on the system in valid <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=crontab&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">crontab</span>(5)</span></a> syntax has
          been fixed (see security advisory FreeBSD-SA-01:09).
          [MERGED]</p>

          <p>A vulnerability in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">inetd</span>(8)</span></a> that could
          allow read-access to the initial 16 bytes of <tt class=
          "GROUPNAME">wheel</tt>-accessible files has been fixed
          (see security advisory FreeBSD-SA-01:11). [MERGED]</p>

          <p>A bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=periodic&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">periodic</span>(8)</span></a> that used
          insecure temporary files has been corrected (see security
          advisory FreeBSD-SA-01:12). [MERGED]</p>

          <p><b class="APPLICATION">OpenSSH</b> now has code to
          prevent (instead of just mitigating through connection
          limits) an attack that can lead to guessing the server
          key (not host key) by regenerating the server key when an
          RSA failure is detected (see security advisory
          FreeBSD-SA-01:24). [MERGED]</p>

          <p>A bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=timed&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">timed</span>(8)</span></a>, which caused
          it to crash if send certain malformed packets, has been
          corrected (see security advisory FreeBSD-SA-01:28).
          [MERGED]</p>

          <p>A bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rwhod&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rwhod</span>(8)</span></a>, which caused
          it to crash if send certain malformed packets, has been
          corrected (see security advisory FreeBSD-SA-01:29).
          [MERGED]</p>

          <p>A security hole in FreeBSD's FFS and EXT2FS
          implementations, which allowed a race condition that
          could cause users to have unauthorized access to data,
          has been fixed (see security advisory FreeBSD-SA-01:30).
          [MERGED]</p>

          <p>A remotely-exploitable vulnerability in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ntpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ntpd</span>(8)</span></a> has been closed
          (see security advisory FreeBSD-SA-01:31). [MERGED]</p>

          <p>A security hole in <b class=
          "APPLICATION">IPFilter</b>'s fragment cache has been
          closed (see security advisory FreeBSD-SA-01:32).
          [MERGED]</p>

          <p>Buffer overflows in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=glob&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">glob</span>(3)</span></a>, which could
          cause arbitrary code to be run on an FTP server, have
          been closed. In addition, to prevent some forms of DOS
          attacks, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=glob&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">glob</span>(3)</span></a> allows
          specification of a limit on the number of pathname
          matches it will return. <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ftpd</span>(8)</span></a> now uses this
          feature (see security advisory FreeBSD-SA-01:33).
          [MERGED]</p>

          <p>Initial sequence numbers in TCP are more thoroughly
          randomized (see security advisory FreeBSD-SA-01:39). Due
          to some possible compatibility issues, the behavior of
          this security fix can be enabled or disabled via the <tt
          class="VARNAME">net.inet.tcp.tcp_seq_genscheme</tt>
          sysctl variable.[MERGED]</p>

          <p>A vulnerability in the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fts&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fts</span>(3)</span></a> routines (used
          by applications for recursively traversing a filesystem)
          could allow a program to operate on files outside the
          intended directory hierarchy. This bug has been fixed
          (see security advisory FreeBSD-SA-01:40). [MERGED]</p>

          <p>A flaw allowed some signal handlers to remain in
          effect in a child process after being exec-ed from its
          parent. This allowed an attacker to execute arbitrary
          code in the context of a setuid binary. This flaw has
          been corrected (see security advisory FreeBSD-SA-01:42).
          [MERGED]</p>

          <p>A remote buffer overflow in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tcpdump</span>(1)</span></a> has been
          fixed (see security advisory FreeBSD-SA-01:48).
          [MERGED]</p>

          <p>A remote buffer overflow in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=telnetd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">telnetd</span>(8)</span></a> has been
          fixed (see security advisory FreeBSD-SA-01:49).
          [MERGED]</p>

          <p>The new <tt class=
          "VARNAME">net.inet.ip.maxfragpackets</tt> and <tt class=
          "VARNAME">net.inet.ip6.maxfragpackets</tt> sysctl
          variables limit the amount of memory that can be consumed
          by IPv4 and IPv6 packet fragments, which defends against
          some denial of service attacks (see security advisory
          FreeBSD-SA-01:52). [MERGED]</p>

          <p>A flaw in the implementation of the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ipfw</span>(8)</span></a> <tt class=
          "LITERAL">me</tt> rules on point-to-point links has been
          corrected. Formerly, <tt class="LITERAL">me</tt> filter
          rules would match the remote IP address of a
          point-to-point interface in addition to the intended
          local IP address (see security advisory
          FreeBSD-SA-01:53). [MERGED]</p>

          <p>A vulnerability in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">procfs</span>(5)</span></a>, which could
          allow a process to read sensitive information from
          another process's memory space, has been closed (see
          security advisory FreeBSD-SA-01:55). [MERGED]</p>

          <p>The <tt class="LITERAL">PARANOID</tt> hostname
          checking in <b class="APPLICATION">tcp_wrappers</b> now
          works as advertised (see security advisory
          FreeBSD-SA-01:56). [MERGED]</p>

          <p>A local root exploit in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sendmail</span>(8)</span></a> has been
          closed (see security advisory FreeBSD-SA-01:57).
          [MERGED]</p>

          <p>A remote root vulnerability in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=lpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">lpd</span>(8)</span></a> has been closed
          (see security advisory FreeBSD-SA-01:58). [MERGED]</p>

          <p>A race condition in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rmuser&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rmuser</span>(8)</span></a> that briefly
          exposed a world-readable <tt class=
          "FILENAME">/etc/master.passwd</tt> has been fixed (see
          security advisory FreeBSD-SA-01:59). [MERGED]</p>

          <p>A vulnerability in <b class="APPLICATION">UUCP</b> has
          been closed (see security advisory FreeBSD-SA-01:62). All
          non-<tt class="USERNAME">root</tt>-owned binaries in
          standard system paths now have the <tt class=
          "LITERAL">schg</tt> flag set to prevent exploit vectors
          when run by <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=cron&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">cron</span>(8)</span></a>, by <tt class=
          "USERNAME">root</tt>, or by a user other then the one
          owning the binary. In addition, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uustat&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uustat</span>(1)</span></a> is now run
          via <tt class=
          "FILENAME">/etc/periodic/daily/410.status-uucp</tt> as
          <tt class="USERNAME">uucp</tt>, not <tt class=
          "USERNAME">root</tt>. In FreeBSD -CURRENT, <b class=
          "APPLICATION">UUCP</b> has since been moved to the Ports
          Collection and no longer a part of the base system.
          [MERGED]</p>

          <p>A security hole in <b class="APPLICATION">OpenSSH</b>,
          which could allow users to execute code with arbitrary
          privileges if <tt class="LITERAL">UseLogin yes</tt> was
          set, has been closed. Note that the default value of this
          setting is <tt class="LITERAL">UseLogin no</tt>. (See
          security advisory FreeBSD-SA-01:63.) [MERGED]</p>

          <p>The use of an insecure temporary directory by <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pkg_add&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pkg_add</span>(1)</span></a> could permit
          a local attacker to modify the contents of binary
          packages while they were being installed. This hole has
          been closed. (See security advisory FreeBSD-SA-02:01.)
          [MERGED]</p>

          <p>A race condition in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pw</span>(8)</span></a>, which could
          expose the contents of <tt class=
          "FILENAME">/etc/master.passwd</tt>, has been eliminated.
          (See security advisory FreeBSD-SA-02:02.) [MERGED]</p>

          <p>A bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">k5su</span>(8)</span></a> could have
          allowed a process that had given up superuser privileges
          to regain them. This bug has been fixed. (See security
          advisory FreeBSD-SA-02:07.) [MERGED]</p>

          <p>An ``off-by-one'' bug has been fixed in <b class=
          "APPLICATION">OpenSSH</b>'s multiplexing code. This bug
          could have allowed an authenticated remote user to cause
          <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sshd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sshd</span>(8)</span></a> to execute
          arbitrary code with superuser privileges, or allowed a
          malicious SSH server to execute arbitrary code on the
          client system with the privileges of the client user.
          (See security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
           target="_top">FreeBSD-SA-02:13</a>.) [MERGED]</p>

          <p>A programming error in <b class="APPLICATION">zlib</b>
          could result in attempts to free memory multiple times.
          The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=malloc&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">malloc</span>(3)</span></a>/<a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=free&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">free</span>(3)</span></a> routines used
          in FreeBSD are not vulnerable to this error, but
          applications receiving specially-crafted blocks of
          invalid compressed data could be made to function
          incorrectly or abort. This <b class=
          "APPLICATION">zlib</b> bug has been fixed. For a
          workaround and solutions, see security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:18.zlib.v1.2.asc"
           target="_top">FreeBSD-SA-02:18</a>. [MERGED]</p>

          <p>Bugs in the TCP SYN cache (``syncache'') and SYN
          cookie (``syncookie'') implementations, which could cause
          legitimate TCP/IP traffic to crash a machine, have been
          fixed. For a workaround and patches, see security
          advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:20.syncache.asc"
           target="_top">FreeBSD-SA-02:20</a>. [MERGED]</p>

          <p>A routing table memory leak, which could allow a
          remote attacker to exhaust the memory of a target
          machine, has been fixed. A workaround and patches can be
          found in security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc"
           target="_top">FreeBSD-SA-02:21</a>. [MERGED]</p>

          <p>A bug with memory-mapped I/O, which could cause a
          system crash, has been fixed. For more information about
          a solution, see security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:22.mmap.asc"
           target="_top">FreeBSD-SA-02:22</a>. [MERGED]</p>

          <p>A security hole, in which SUID programs could be made
          to read from or write to inappropriate files through
          manipulation of their standard I/O file descriptors, has
          been fixed. Information regarding a solution can be found
          in security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc"
           target="_top">FreeBSD-SA-02:23</a>. [MERGED]</p>

          <p>Some unexpected behavior could be allowed with <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">k5su</span>(8)</span></a> because it does
          not require that an invoking user be a member of the <tt
          class="GROUPNAME">wheel</tt> group when attempting to
          become the superuser (this is the case with <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">su</span>(1)</span></a>). To avoid this
          situation, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=k5su&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">k5su</span>(8)</span></a> is now
          installed non-SUID by default (effectively disabling it).
          More information can be found in security advisory <a
          href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc"
           target="_top">FreeBSD-SA-02:24</a>. [MERGED]</p>

          <p>Multiple vulnerabilities were found in the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=bzip2&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">bzip2</span>(1)</span></a> utility, which
          could allow files to be overwritten without warning or
          allow local users unintended access to files. These
          problems have been corrected with a new import of <b
          class="APPLICATION">bzip2</b>. For more information, see
          security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:25.bzip2.asc"
           target="_top">FreeBSD-SA-02:25</a>. [MERGED]</p>

          <p>A bug has been fixed in the implementation of the TCP
          SYN cache (``syncache''), which could allow a remote
          attacker to deny access to a service when accept filters
          (see <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=accept_filter&sektion=9&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">accept_filter</span>(9)</span></a>) were
          in use. This bug has been fixed; for more information,
          see security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:26.accept.asc"
           target="_top">FreeBSD-SA-02:26</a>. [MERGED]</p>

          <p>Due to a bug in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rc</span>(8)</span></a>'s use of shell
          globbing, users may be able to remove the contents of
          arbitrary files if <tt class=
          "FILENAME">/tmp/.X11-unix</tt> does not exist and the
          system can be made to reboot. This bug has been corrected
          (see security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:27.rc.asc"
           target="_top">FreeBSD-SA-02:27</a>). [MERGED]</p>

          <p>A buffer overflow in the resolver, which could be
          exploited by a malicious domain name server or an
          attacker forging DNS messages, has been fixed. See
          security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:28.resolv.asc"
           target="_top">FreeBSD-SA-02:28</a> for more details.
          [MERGED]</p>

          <p>A buffer overflow in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tcpdump&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tcpdump</span>(1)</span></a>, which could
          be triggered by badly-formed NFS packets, has been fixed.
          See security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:29.tcpdump.asc"
           target="_top">FreeBSD-SA-02:29</a> for more details.
          [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ktrace&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ktrace</span>(1)</span></a> can no longer
          trace the operation of formerly privileged processes;
          this prevents the leakage of sensitive information that
          the process could have obtained before abandoning its
          privileges. For a discussion of this issue, see security
          advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:30.ktrace.asc"
           target="_top">FreeBSD-SA-02:30</a> for more details.
          [MERGED]</p>

          <p>A race condition in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pppd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pppd</span>(8)</span></a>, which could be
          used to change the permissions of an arbitrary file, has
          been corrected. For more information, see security
          advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:32.pppd.asc"
           target="_top">FreeBSD-SA-02:32</a>. [MERGED]</p>

          <p>Multiple buffer overflows in <b class=
          "APPLICATION">OpenSSL</b> have been corrected, by way of
          an upgrade to the base system version of <b class=
          "APPLICATION">OpenSSL</b>. More details can be found in
          security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:33.openssl.asc"
           target="_top">FreeBSD-SA-02:33</a>. [MERGED]</p>

          <p>A heap buffer overflow in the XDR decoder has been
          fixed. For more details, see security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:34.rpc.asc"
           target="_top">FreeBSD-SA-02:34</a>. [MERGED]</p>

          <p>A bug that could allow local users to read and write
          arbitrary blocks on an FFS filesystem has been corrected.
          More details can be found in security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:35.ffs.asc"
           target="_top">FreeBSD-SA-02:35</a>. [MERGED]</p>

          <p>A bug in the NFS server code, which could allow a
          remote denial of service attack, has been fixed. Security
          advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:36.nfs.asc"
           target="_top">FreeBSD-SA-02:36</a> has more details.
          [MERGED]</p>

          <p>A bug that could allow local users to panic a system
          using the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=kqueue&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">kqueue</span>(2)</span></a> mechanism has
          been fixed. More information is contained in security
          advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:37.kqueue.asc"
           target="_top">FreeBSD-SA-02:37</a>. [MERGED]</p>

          <p>Several bounds-checking bugs in system calls, which
          could result in some system calls returning a large
          portion of kernel memory, have been fixed. More
          information can be found in security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:38.signed-error.asc"
           target="_top">FreeBSD-SA-02:38</a>. [MERGED]</p>

          <p>A bug that could allow applications using <tt class=
          "FILENAME">libkvm</tt> to leak sensitive file descriptors
          has been corrected. (See security advisory <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc"
           target="_top">FreeBSD-SA-02:39</a> for more details.)
          [MERGED]</p>

          <p>Buffer overflows in kadmind(8) and k5admin have been
          corrected. More details can be found in security advisory
          <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:40.kadmind.asc"
           target="_top">FreeBSD-SA-02:40</a>. [MERGED]</p>

          <p>Errors in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=smrsh&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">smrsh</span>(8)</span></a>, which could
          allow users to circumvent restrictions on what programs
          can be executed, have been fixed. See <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:41.smrsh.asc"
           target="_top">FreeBSD-SA-02:41</a> for details.
          [MERGED]</p>

          <p>Buffer overflows in the DNS <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=resolver&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">resolver</span>(3)</span></a>, which
          could cause some applications to fail, have been
          corrected. More details are in <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:42.resolv.asc"
           target="_top">FreeBSD-SA-02:42</a>. [MERGED]</p>

          <p>Multiple vulnerabilities in <b class=
          "APPLICATION">BIND</b> have been fixed, as described in
          <a href=
          "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:43.bind.asc"
           target="_top">FreeBSD-SA-02:43</a>. [MERGED]</p>
        </div>

        <div class="SECT2">
          <hr>

          <h2 class="SECT2"><a name="USERLAND">2.3 Userland
          Changes</a></h2>

          <p>Support for <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=a.out&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">a.out</span>(5)</span></a> format
          executables in the compiler toolchain has been largely
          removed.</p>

          <div class="NOTE">
            <blockquote class="NOTE">
              <p><b>Note:</b> This is a work in progress.
              Eventually, <a href=
              "http://www.FreeBSD.org/cgi/man.cgi?query=a.out&sektion=5&manpath=FreeBSD+5.0-current">
              <span class="CITEREFENTRY"><span class=
              "REFENTRYTITLE">a.out</span>(5)</span></a> support
              will resurface in a series of ports/packages.</p>
            </blockquote>
          </div>
          <br>
          <br>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=arp&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">arp</span>(8)</span></a> now prints <tt
          class="LITERAL">[fddi]</tt> or <tt class=
          "LITERAL">[atm]</tt> tags for addresses on interfaces of
          those types.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=asa&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">asa</span>(1)</span></a> utility, to
          interpret FORTRAN carriage-control characters, has been
          added.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=at&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">at</span>(1)</span></a> now supports the
          <tt class="OPTION">-r</tt> command-line option to remove
          jobs and the <tt class="OPTION">-t</tt> option to specify
          times in POSIX time format.</p>

          <p>The system <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=awk&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">awk</span>(1)</span></a> now refers to <b
          class="APPLICATION">BWK awk</b>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=basename&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">basename</span>(1)</span></a> now accept
          <tt class="OPTION">-a</tt> and <tt class="OPTION">-s</tt>
          flags, which allow it to perform the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=basename&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">basename</span>(3)</span></a> function on
          multiple files.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=biff&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">biff</span>(1)</span></a> now accepts a
          <tt class="OPTION">b</tt> argument to enable ``bell
          notification'' of new mail (which does not disturb the
          terminal contents as <tt class="COMMAND">biff y</tt>
          would). [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=biff&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">biff</span>(1)</span></a> now uses the
          first terminal associated with the standard input,
          standard output or standard error file descriptor, in
          that order. Thus, it is possible to use the redirection
          facilities of a shell (<tt class="COMMAND">biff n &lt;
          /dev/ttyp1</tt>) to toggle the notification for other
          terminals.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=burncd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">burncd</span>(8)</span></a> now supports
          Disk At Once (DAO) mode, selectable via the <tt class=
          "OPTION">-d</tt> flag. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=burncd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">burncd</span>(8)</span></a> now has the
          ability to write VCDs/SVCDs. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=burncd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">burncd</span>(8)</span></a> now accepts a
          value of <tt class="LITERAL">max</tt> for its <tt class=
          "OPTION">-s</tt> option to set the drive's maximum write
          speed.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=bzgrep&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">bzgrep</span>(1)</span></a>, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=bzegrep&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">bzegrep</span>(1)</span></a>, and <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=bzfgrep&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">bzfgrep</span>(1)</span></a> have been
          added to perform <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=grep&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">grep</span>(1)</span></a>-type operations
          on <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=bzip2&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">bzip2</span>(1)</span></a>-compressed
          files.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=calendar&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">calendar</span>(1)</span></a> now takes a
          <tt class="OPTION">-W</tt> option, which operates similar
          to <tt class="OPTION">-A</tt> but without special
          treatment at weekends, and a <tt class=
          "OPTION">-F</tt>option to change the notion of
          ``Friday''.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=catman&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">catman</span>(1)</span></a> is now a C
          program, instead of a Perl script.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=cdcontrol&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">cdcontrol</span>(1)</span></a> now
          supports a <tt class="LITERAL">speed</tt> command to set
          the maximum speed to be used by the drive (the maximum
          possible speed can be selected setting the speed to <tt
          class="LITERAL">max</tt>).</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=check_utility_compat&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">check_utility_compat</span>(3)</span></a>
          library function has been added to <tt class=
          "FILENAME">libc</tt>, to determine whether certain
          FreeBSD base system utilities should behave in FreeBSD
          4-compatible mode or in a ``standard'' mode (default
          standard). The configuration is done <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=malloc&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">malloc</span>(3)</span></a>-style, with
          either an environment variable or a symbolic link.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=chflags&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">chflags</span>(1)</span></a> has moved
          from <tt class="FILENAME">/usr/bin</tt> to <tt class=
          "FILENAME">/bin</tt>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=chmod&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">chmod</span>(1)</span></a> now supports a
          <tt class="OPTION">-h</tt> for changing the mode of a
          symbolic link.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=chmod&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">chmod</span>(1)</span></a> now also, when
          the mode is modified, prints the old and new modes if the
          <tt class="OPTION">-v</tt> option is specified more than
          once.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=chown&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">chown</span>(8)</span></a> no longer
          takes <tt class="LITERAL">.</tt> as a user/group
          delimeter. This change was made to support usernames
          containing a <tt class="LITERAL">.</tt>.</p>

          <p>Use of the <tt class="LITERAL">CSMG_*</tt> macros no
          longer require inclusion of <tt class=
          "FILENAME">&lt;sys/param.h&gt;</tt></p>

          <p>A <tt class="FILENAME">compat4x</tt> distribution has
          been added for compatibility with FreeBSD 4-STABLE.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=cp&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">cp</span>(1)</span></a> now takes a
          (nonstandard) <tt class="OPTION">-n</tt> option to
          automatically answer ``no'' when it would ask to
          overwrite a file. [MERGED]</p>

          <p>A new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=csplit&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">csplit</span>(1)</span></a> utility,
          which splits files based on context, has been added.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ctags&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ctags</span>(1)</span></a> now creates
          tags for typedefs, structs, unions, and enums by default
          (implying the <tt class="OPTION">-t</tt> option). The new
          <tt class="OPTION">-T</tt> reverts to the old
          behavior.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=daemon&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">daemon</span>(8)</span></a> program, a
          command-line interface to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=daemon&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">daemon</span>(3)</span></a>, has been
          added. It detaches itself from its controlling terminal
          and executes a program specified on the command line.
          This allows the user to run an arbitrary program as if it
          were written to be a daemon. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devd</span>(8)</span></a> utility, a
          userland daemon that can run arbitrary commands when
          devices come and go in the device tree, has been added.
          This program is a generalization of some of the
          functionality of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pccardd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pccardd</span>(8)</span></a>.</p>

          <div class="NOTE">
            <blockquote class="NOTE">
              <p><b>Note:</b> <a href=
              "http://www.FreeBSD.org/cgi/man.cgi?query=devd&sektion=8&manpath=FreeBSD+5.0-current">
              <span class="CITEREFENTRY"><span class=
              "REFENTRYTITLE">devd</span>(8)</span></a> is
              work-in-progress.</p>
            </blockquote>
          </div>
          <br>
          <br>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=devinfo&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">devinfo</span>(8)</span></a>, a simple
          tool to print the device tree and resource usage by
          devices, has been added.</p>

          <p>diskpart(8) has been declared obsolete, and has been
          removed.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">dump</span>(8)</span></a> now supports a
          new <tt class="OPTION">-S</tt> flag to allow it to just
          print out the dump size estimates and exit. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=expr&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">expr</span>(1)</span></a> is now
          compliant with POSIX.2-1992 (and thus also with
          POSIX.1-2001). Some program depend on the old, historic
          behavior and do not properly protect their arguments to
          keep them from being misinterpreted as command-line
          options. (the <a href=
          "http://www.FreeBSD.org/cgi/url.cgi?ports/devel/libtool/pkg-descr">
          <tt class="FILENAME">devel/libtool</tt></a> port/package,
          used by many GNU programs, is a notable example). The old
          behavior can be requested by enabling compatibility mode
          for <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=expr&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">expr</span>(1)</span></a> as described in
          <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=check_utility_compat&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">check_utility_compat</span>(3)</span></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fbtab&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fbtab</span>(5)</span></a> now accepts
          glob matching patterns for target devices, not just
          individual devices and directories.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fdread&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fdread</span>(1)</span></a>, a program to
          read data from floppy disks, has been added. It is a
          counterpart to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fdwrite&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fdwrite</span>(1)</span></a> and is
          designed to provide a means of recovering at least some
          data from bad media, and to obviate for a complex
          invocation of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=dd&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">dd</span>(1)</span></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=finger&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">finger</span>(1)</span></a> now has
          support for a <tt class="FILENAME">.pubkey</tt> file.
          [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=finger&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">finger</span>(1)</span></a> now supports
          a <tt class="OPTION">-g</tt> flag to restrict the
          printing of GECOS information to the user's full name
          only. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=finger&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">finger</span>(1)</span></a> now supports
          the <tt class="OPTION">-4</tt> and <tt class=
          "OPTION">-6</tt> flags to specify an address family for
          remote queries. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fold&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fold</span>(1)</span></a> now supports a
          <tt class="OPTION">-b</tt> flag to break at byte
          positions and a <tt class="OPTION">-s</tt> flag to break
          at word boundaries. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck</span>(8)</span></a> wrappers have
          been imported; this feature provides infrastructure for
          <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck</span>(8)</span></a> to work on
          different types of filesystems (analogous to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mount&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mount</span>(8)</span></a>).</p>

          <p>The behavior of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck</span>(8)</span></a> when dealing
          with various passes (a la <tt class=
          "FILENAME">/etc/fstab</tt>) has been modified to
          accommodate multiple-disk filesystems.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck</span>(8)</span></a> now has support
          for foreground (<tt class="OPTION">-F</tt>) and
          background (<tt class="OPTION">-B</tt>) checks.
          Traditionally, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck</span>(8)</span></a> is invoked
          before the filesystems are mounted and all checks are
          done to completion at that time. If background checking
          is available, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck</span>(8)</span></a> is invoked
          twice. It is first invoked at the traditional time,
          before the filesystems are mounted, with the <tt class=
          "OPTION">-F</tt> flag to do checking on all the
          filesystems that cannot do background checking. It is
          then invoked a second time, after the system has
          completed going multiuser, with the <tt class=
          "OPTION">-B</tt> flag to do checking on all the
          filesystems that can do background checking. Unlike the
          foreground checking, the background checking is started
          asynchronously so that other system activity can proceed
          even on the filesystems that are being checked. Boot-time
          enabling of this feature is controlled by the <tt class=
          "VARNAME">background_fsck</tt> option in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rc.conf&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rc.conf</span>(5)</span></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fsck_ffs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fsck_ffs</span>(8)</span></a> now
          supports background filesystem checks to mounted FFS
          filesystems with the <tt class="OPTION">-B</tt> option
          (softupdates must be enabled on these filesystems). The
          <tt class="OPTION">-F</tt> flag now determines whether a
          specified filesystem needs foreground checking.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
          the <tt class="OPTION">-m</tt> option to permit guest
          users to modify existing files if allowed by filesystem
          permissions. In particular, this enables guest users to
          resume uploads. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
          the <tt class="OPTION">-M</tt> option to prevent guest
          users from creating directories. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
          <tt class="OPTION">-o</tt> and <tt class="OPTION">-O</tt>
          options to disable the <tt class="LITERAL">RETR</tt>
          command; the former for everybody, and the latter only
          for guest users. Coupled with <tt class="OPTION">-A</tt>
          and appropriate file permissions, these can be used to
          create a relatively safe anonymous FTP drop box for
          others to upload to. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ftpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ftpd</span>(8)</span></a> now supports
          the <tt class="OPTION">-W</tt> option to disable logging
          FTP sessions to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wtmp&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wtmp</span>(5)</span></a>. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=getconf&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">getconf</span>(1)</span></a> utility has
          been added. It prints the values of POSIX or X/Open path
          or system configuration variables. [MERGED]</p>

          <p>gifconfig(8) is obsolete and has been removed. Its
          functionality is now handled by the <tt class=
          "OPTION">tunnel</tt> and <tt class=
          "OPTION">deletetunnel</tt> commands of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ifconfig</span>(8)</span></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=gprof&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">gprof</span>(1)</span></a> now has a <tt
          class="OPTION">-K</tt> option to enable dynamic symbol
          resolution from the currently-running kernel. With this
          change, properly-compiled KLD modules are now able to be
          profiled.</p>

          <p>The ibcs(8), linux(8), osf1(8), and svr4(8) scripts,
          whose sole purpose was to load emulation kernel modules,
          have been removed. The kernel module system will
          automatically load them as needed to fulfill
          dependencies.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ifconfig</span>(8)</span></a> now has the
          ability to set promiscuous mode on an interface, via the
          new <tt class="OPTION">promisc</tt> flag. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ifconfig</span>(8)</span></a> now
          supports a <tt class="LITERAL">monitor</tt> interface
          flag, which blocks transmission of packets on that
          interface. This feature is useful for monitoring network
          traffic without interacting with the network in
          question.</p>

          <p>By default, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">inetd</span>(8)</span></a> is no longer
          run by <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rc</span>(8)</span></a> at boot-time,
          although <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sysinstall</span>(8)</span></a> gives the
          option of enabling it during binary installations. <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">inetd</span>(8)</span></a> can also be
          enabled by adding the following line to <tt class=
          "FILENAME">/etc/rc.conf</tt>:</p>
<pre class="PROGRAMLISTING">
    inetd_enable="YES"
</pre>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">inetd</span>(8)</span></a> now has the
          capability for limiting the maximum number of
          simultaneous invocations of each service from a single IP
          address. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ipfw</span>(8)</span></a> filter rules
          can now match on the value of the IPv4 precedence
          field.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=kbdmap&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">kbdmap</span>(1)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=vidfont&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">vidfont</span>(1)</span></a> have been
          converted from Perl to C.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=kenv&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">kenv</span>(1)</span></a> now has the
          ability to set or delete kernel environment
          variables.</p>

          <p>The kget(8) utility has been removed (it was only
          useful for UserConfig, which is not present in FreeBSD
          5.0-DP2).</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=killall&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">killall</span>(1)</span></a> no longer
          tries to kill zombie processes unless the <tt class=
          "OPTION">-z</tt> flag is specified.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ktrdump&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ktrdump</span>(8)</span></a>, a utility
          to dump the ktr trace buffer from userland, has been
          added.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ldd&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ldd</span>(1)</span></a> now supports a
          <tt class="OPTION">-a</tt> flag to list all the objects
          that are needed by each loaded object.</p>

          <p><tt class="FILENAME">libc</tt> is now thread-safe by
          default; <tt class="FILENAME">libc_r</tt> contains only
          thread functions.</p>

          <p><tt class="FILENAME">libstand</tt> now has support for
          overwriting the contents of a file on a UFS filesystem
          (it cannot expand or truncate files because the
          filesystem may be dirty or inconsistent).</p>

          <p><tt class="FILENAME">libgmp</tt> has been superceded
          by <tt class="FILENAME">libmp</tt>.</p>

          <p>The functions from <tt class=
          "FILENAME">libposix1e</tt> have been integrated into <tt
          class="FILENAME">libc</tt>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=lock&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">lock</span>(1)</span></a> now accepts a
          <tt class="OPTION">-v</tt> to disable switching VTYs
          while the current terminal is locked. This permits
          locking the entire console from a single terminal.
          [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=lpc&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">lpc</span>(8)</span></a> has been
          improved; <tt class="COMMAND">lpc clean</tt> is now
          somewhat safer, and a new <tt class="COMMAND">lpc
          tclean</tt> command has been added to check to see what
          files would be removed by <tt class="COMMAND">lpc
          clean</tt>. <tt class="COMMAND">lpc topq</tt> has been
          reimplemented, and now allows for a much more flexible
          specification of which jobs should be moved (such as a
          range of job numbers, or a hostname). An <tt class=
          "COMMAND">lpc bottomq</tt> command has been added to move
          jobs to the bottom of a print queue, and a new <tt class=
          "COMMAND">lpc setstatus</tt> command can be used to set a
          printer's status message. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ls&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ls</span>(1)</span></a> program now
          supports a <tt class="OPTION">-m</tt> flag to list files
          across a page, a <tt class="OPTION">-p</tt> flag to force
          printing of a <tt class="LITERAL">/</tt> after
          directories, and a <tt class="OPTION">-x</tt> flag to
          sort filenames across a page. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=makewhatis&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">makewhatis</span>(1)</span></a> is now a
          C program, instead of a Perl script.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=man&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">man</span>(1)</span></a> is no longer
          installed SUID <tt class="USERNAME">man</tt>, in order to
          reduce vulnerabilities associated with generating
          ``catpages'' (preformatted manual pages cached for
          repeated viewing). As a result, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=man&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">man</span>(1)</span></a> can no longer
          create system catpages on a regular user's behalf. It is
          still able to do so if the user has write permissions to
          the directory holding catpages (e.g. a user's own
          manpages) or if the running user is <tt class=
          "USERNAME">root</tt>.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mdmfs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mdmfs</span>(8)</span></a> command has
          been added; it is a wrapper around <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mdconfig&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mdconfig</span>(8)</span></a>, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=disklabel&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">disklabel</span>(8)</span></a>, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=newfs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">newfs</span>(8)</span></a>, and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mount&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mount</span>(8)</span></a> that mimics
          the command line option set of the deprecated <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mount_mfs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mount_mfs</span>(8)</span></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mesg&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mesg</span>(1)</span></a> now conforms to
          SUSv3. Among other things, it now uses the first terminal
          associated with the standard input, standard output or
          standard error file descriptor, in that order. Thus, it
          is possible to use the redirection facilities of a shell
          (<tt class="COMMAND">mesg n &lt; /dev/ttyp1</tt>) to
          control write access for other terminals.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mountd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mountd</span>(8)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=nfsd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">nfsd</span>(8)</span></a> have moved from
          <tt class="FILENAME">/sbin</tt> to <tt class=
          "FILENAME">/usr/sbin</tt>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mv&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mv</span>(1)</span></a> now takes a
          (nonstandard) <tt class="OPTION">-n</tt> option to
          automatically answer ``no'' when it would ask to
          overwrite a file. [MERGED]</p>

          <p>A number of archaic features of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=newfs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">newfs</span>(8)</span></a> have been
          removed; these implement tuning features that are
          essentially useless on modern hard disks. These features
          were controlled by the <tt class="OPTION">-O</tt>, <tt
          class="OPTION">-d</tt>, <tt class="OPTION">-k</tt>, <tt
          class="OPTION">-l</tt>, <tt class="OPTION">-n</tt>, <tt
          class="OPTION">-p</tt>, <tt class="OPTION">-r</tt>, <tt
          class="OPTION">-t</tt>, and <tt class="OPTION">-x</tt>
          flags.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=newfs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">newfs</span>(8)</span></a> now supports a
          <tt class="OPTION">-O</tt> flag to select the creation of
          UFS1 or UFS2 filesystems.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=newgrp&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">newgrp</span>(1)</span></a> utility to
          change to a new group has been added.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=newsyslog&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">newsyslog</span>(8)</span></a> now
          compresses log files using <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=bzip2&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">bzip2</span>(1)</span></a> by default.
          (The former behavior of using <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=gzip&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">gzip</span>(1)</span></a> can be
          specified in <tt class=
          "FILENAME">/etc/newsyslog.conf</tt>.)</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=nextboot&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">nextboot</span>(8)</span></a> utility has
          been added to specify an alternate kernel and/or boot
          flags to be used the next time the machine is booted. A
          previous incarnation of this feature first appeared in
          FreeBSD 2.2.</p>

          <p><b class="APPLICATION">NFS</b> now works over
          IPv6.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=nice&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">nice</span>(1)</span></a> now uses the
          <tt class="OPTION">-n</tt> option to specify the
          ``niceness'' of the utility being run. [MERGED]</p>

          <p><b class="APPLICATION">nsswitch</b> support has been
          merged from NetBSD. By creating an <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=nsswitch.conf&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">nsswitch.conf</span>(5)</span></a> file,
          FreeBSD can be configured so that various databases such
          as <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=passwd&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">passwd</span>(5)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=group&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">group</span>(5)</span></a> can be looked
          up using flat files, NIS, or Hesiod. If <tt class=
          "FILENAME">/etc/nsswitch.conf</tt> does not exist, it
          will be automatically generated from an existing <tt
          class="FILENAME">/etc/hosts.conf</tt> at system startup
          time. The <tt class="FILENAME">/etc/hosts.conf</tt> file
          may be used by old executables; it will be automatically
          generated from an existing <tt class=
          "FILENAME">/etc/nsswitch.conf</tt> during system startup
          if it exists.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=od&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">od</span>(1)</span></a> now supports the
          <tt class="OPTION">-A</tt> option to specify the input
          address base, the <tt class="OPTION">-N</tt> option to
          specify the number of bytes to dump, the <tt class=
          "OPTION">-j</tt> option to specify the number of bytes to
          skip, the <tt class="OPTION">-s</tt> option to output
          signed decimal shorts, and the <tt class="OPTION">-t</tt>
          option to specify output type. [MERGED]</p>

          <p><b class="APPLICATION">PAM</b> support has been added
          for account management and sessions.</p>

          <p><b class="APPLICATION">PAM</b> configuration is now
          specified by files in <tt class=
          "FILENAME">/etc/pam.d/</tt>, rather than a single <tt
          class="FILENAME">/etc/pam.conf</tt> file. <tt class=
          "FILENAME">/etc/pam.d/README</tt> has more details.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_echo&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_echo</span>(8)</span></a> echo
          service module has been added.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_exec&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_exec</span>(8)</span></a> program
          execution service module has been added.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_ftp&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_ftp</span>(8)</span></a> module has
          been added to allow authentication of anonymous FTP
          users.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_ftpusers&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_ftpusers</span>(8)</span></a> module
          has been added to perform checks against the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ftpusers&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ftpusers</span>(5)</span></a> file.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_ksu&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_ksu</span>(8)</span></a> module has
          been added to do Kerberos 5 authentication and <tt class=
          "FILENAME">$HOME/.k5login</tt> authorization for <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">su</span>(1)</span></a>.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_lastlog&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_lastlog</span>(8)</span></a> module
          has been added to record sessions in the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=utmp&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">utmp</span>(5)</span></a>, <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wtmp&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wtmp</span>(5)</span></a>, and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=lastlog&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">lastlog</span>(5)</span></a>
          databases.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_login_access&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_login_access</span>(8)</span></a>
          module has been added, to allow checking against <tt
          class="FILENAME">/etc/login.access</tt>.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_nologin&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_nologin</span>(8)</span></a> module,
          which can disallow logins using <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=nologin&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">nologin</span>(5)</span></a>, has been
          added.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_opie&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_opie</span>(8)</span></a> and <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_opieaccess&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_opieaccess</span>(8)</span></a>
          modules have been added to control authentication via <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=opie&sektion=4&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">opie</span>(4)</span></a>. [MERGED]</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_passwdqc&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_passwdqc</span>(8)</span></a> module
          has been added, to check the quality of passwords
          submitted during password changes.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_rhosts&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_rhosts</span>(8)</span></a> module
          has been added to support <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rhosts&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rhosts</span>(5)</span></a>
          authentication.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_rootok&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_rootok</span>(8)</span></a> module,
          which can be used to authenticate only the superuser, has
          been added.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_securetty&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_securetty</span>(8)</span></a> module
          has been added to check the ``security'' of a TTY, as
          listed in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ttys&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ttys</span>(5)</span></a>.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_self&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_self</span>(8)</span></a> module,
          which allows self-authentication of a user, has been
          added.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pam_wheel&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pam_wheel</span>(8)</span></a> module has
          been added to permit authentication to members of a
          group, which defaults to <tt class=
          "GROUPNAME">wheel</tt>.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pathchk&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pathchk</span>(1)</span></a> utility,
          which checks pathnames for validity or portability
          between POSIX systems, has been added. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ping&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ping</span>(8)</span></a> now supports a
          <tt class="OPTION">-o</tt> flag to exit after receiving a
          reply.</p>

          <p>prefix(8) is obsolete and has been removed. Its
          functionality is provided by the <tt class=
          "OPTION">eui64</tt> command to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ifconfig&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ifconfig</span>(8)</span></a>.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pselect&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pselect</span>(3)</span></a> library
          function (introduced by POSIX.1 as a slightly stronger
          version of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=select&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">select</span>(2)</span></a>) has been
          added.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=pwd&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">pwd</span>(1)</span></a> now supports the
          <tt class="OPTION">-L</tt> flag to print the logical
          current working directory. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=quota&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">quota</span>(1)</span></a> now takes a
          <tt class="OPTION">-l</tt> flag to suppress quote checks
          on NFS filesystems.</p>

          <p>The pseudo-random number generator implemented by <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rand&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rand</span>(3)</span></a> has been
          improved to provide less biased results.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rcmd&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rcmd</span>(3)</span></a> now supports
          the use of the <tt class="ENVAR">RSH</tt> environment
          variable to specify a program to use other than <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rsh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rsh</span>(1)</span></a> for remote
          execution. As a result, programs such as <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=dump&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">dump</span>(8)</span></a>, can use <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ssh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ssh</span>(1)</span></a> for remote
          transport.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rdist&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rdist</span>(1)</span></a> has been
          retired from the base system, but is still available from
          FreeBSD Ports Collection as <a href=
          "http://www.FreeBSD.org/cgi/url.cgi?ports/net/44bsd-rdist/pkg-descr">
          <tt class="FILENAME">net/44bsd-rdist</tt></a>.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=renice&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">renice</span>(8)</span></a> command
          implements a <tt class="OPTION">-n</tt> option, which
          specifies an increment to be applied to the priority of a
          process. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rpcbind&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rpcbind</span>(8)</span></a> has replaced
          <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=portmap&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">portmap</span>(8)</span></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rpcgen&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rpcgen</span>(1)</span></a> now uses <tt
          class="FILENAME">/usr/bin/cpp</tt> (as on NetBSD), not
          <tt class="FILENAME">/usr/libexec/cpp</tt>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rpc.lockd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rpc.lockd</span>(8)</span></a> has been
          imported from NetBSD. This daemon provides support for
          servicing client NFS locks.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=rtld&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">rtld</span>(1)</span></a> will now print
          the names of all objects that cause each object to be
          loaded, if the <tt class=
          "VARNAME">LD_TRACE_LOADED_OBJECTS_ALL</tt> environment
          variable is defined.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sed&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sed</span>(1)</span></a> now takes a <tt
          class="OPTION">-i</tt> option to enable in-place editing
          of files. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=setfacl&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">setfacl</span>(1)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=getfacl&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">getfacl</span>(1)</span></a> commands
          have been added to manage filesystem Access Control
          Lists.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> no longer
          implements <tt class="COMMAND">printf</tt> as a built-in
          command because it was considered less valuable compared
          to the other built-in commands (this functionality is, of
          course, still available through the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=printf&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">printf</span>(1)</span></a>
          executable).</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> now supports a
          <tt class="OPTION">-C</tt> option to prevent existing
          regular files from being overwritten by output
          redirection, and a <tt class="OPTION">-u</tt> to give an
          error if an unset variable is expanded. [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> built-in <tt
          class="COMMAND">cd</tt> command now supports <tt class=
          "OPTION">-L</tt> and <tt class="OPTION">-P</tt> flags to
          invoke logical or physical modes of operation,
          respectively. Logical mode is the default, but the
          default can be changed with the <tt class=
          "VARNAME">physical</tt> <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> option.
          [MERGED]</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> built-in <tt
          class="COMMAND">jobs</tt> command now supports a <tt
          class="OPTION">-s</tt> flag to output PIDs only and a <tt
          class="OPTION">-l</tt> flag to add PIDs to the output.
          [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> now supports a
          <tt class="COMMAND">bind</tt> built-in command, which
          allows the key bindings for the shell's line editor to be
          changed.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> built-in <tt
          class="COMMAND">export</tt> and <tt class=
          "COMMAND">readonly</tt> commands now support a <tt class=
          "OPTION">-p</tt> flag to print their output in
          ``portable'' format. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> no longer accepts
          invalid constructs as <tt class="COMMAND"><tt class=
          "REPLACEABLE"><i>command</i></tt> &amp; &amp;&amp; <tt
          class="REPLACEABLE"><i>command</i></tt></tt>, <tt class=
          "COMMAND">&amp;&amp;&#13; <tt class=
          "REPLACEABLE"><i>command</i></tt></tt>, or <tt class=
          "COMMAND">|| <tt class=
          "REPLACEABLE"><i>command</i></tt></tt>. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=spkrtest&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">spkrtest</span>(8)</span></a> is now a <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sh&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sh</span>(1)</span></a> script, rather
          than a Perl script.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=split&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">split</span>(1)</span></a> now supports a
          <tt class="OPTION">-a</tt> option to specify the number
          of letters to use for the suffix of split files.
          [MERGED]</p>

          <p>In preparation for meeting SUSv2/POSIX <tt class=
          "FILENAME">&lt;sys/select.h&gt;</tt> requirements, <tt
          class="LITERAL">struct selinfo</tt> and related functions
          have been moved to <tt class=
          "FILENAME">&lt;sys/selinfo.h&gt;</tt>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=su&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">su</span>(1)</span></a> now uses <b
          class="APPLICATION">PAM</b> for authentication.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sysctl&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sysctl</span>(8)</span></a> now accepts a
          <tt class="OPTION">-d</tt> flag to print the descriptions
          of variables.</p>

          <p>The default root partition in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sysinstall</span>(8)</span></a> is now
          100MB on the i386 and pc98, 120MB on the Alpha.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sysinstall</span>(8)</span></a> now lives
          in <tt class="FILENAME">/usr/sbin</tt>, which simplifies
          the installation process. The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sysinstall</span>(8)</span></a> manpage
          is also installed in a more consistent fashion now.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">sysinstall</span>(8)</span></a> no longer
          mounts the <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=procfs&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">procfs</span>(5)</span></a> filesystem by
          default on new installs.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tabs&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tabs</span>(1)</span></a>, a utility to
          set terminal tab stops, has been added.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=termcap&sektion=5&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">termcap</span>(5)</span></a> database now
          uses the <tt class="LITERAL">xterm</tt> terminal type
          from <b class="APPLICATION">XFree86</b>. As a result, <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=xterm&sektion=1&manpath=XFree86+4.2.0">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">xterm</span>(1)</span></a> now supports
          color by default and the common workaround of setting <tt
          class="VARNAME">TERM</tt> to <tt class=
          "LITERAL">xterm-color</tt> is no longer necessary. Use of
          the <tt class="LITERAL">xterm-color</tt> terminal type
          may result in (benign) warnings from applications.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tftpd&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tftpd</span>(8)</span></a> now supports
          RFC 2349 (TFTP Timeout Interval and Transfer Size
          Options); this feature is required by some firmware like
          EFI boot managers (at least on HP i2000 Itanium servers)
          in order to boot an image using <b class=
          "APPLICATION">TFTP</b>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=timed&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">timed</span>(8)</span></a> now works on
          the alpha.</p>

          <p>A version of Transport Independent RPC (<b class=
          "APPLICATION">TI-RPC</b>) has been imported.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tip&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tip</span>(1)</span></a> has been updated
          from <b class="APPLICATION">OpenBSD</b>, and has the
          ability to act as a <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=cu&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">cu</span>(1)</span></a> substitute.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=top&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">top</span>(1)</span></a> will now use the
          full width of its tty.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=touch&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">touch</span>(1)</span></a> now takes a
          <tt class="OPTION">-h</tt> option to operate on a
          symbolic link, rather than what the link points to.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tr&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tr</span>(1)</span></a> now has basic
          support for equivalence classes for locales that support
          them. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tr&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tr</span>(1)</span></a> now supports a
          <tt class="OPTION">-C</tt> flag to complement the set of
          characters specified by the first string argument.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=tunefs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">tunefs</span>(8)</span></a> now supports
          the <tt class="OPTION">-a</tt> and <tt class=
          "OPTION">-l</tt> flags to enable and disable the <tt
          class="LITERAL">FS_ACLS</tt> and <tt class=
          "LITERAL">FS_MULTILABEL</tt> administrative flags on UFS
          file system.</p>

          <p>A <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ugidfw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ugidfw</span>(8)</span></a> utility has
          been added to manage the rulesets provided by the <tt
          class="LITERAL">mac_bsdextended</tt> Mandatory Access
          Control policy, similar to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=ipfw&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">ipfw</span>(8)</span></a>.</p>

          <p><b class="APPLICATION">UUCP</b> has been removed from
          the base system. It can be found in the Ports Collection,
          in <a href=
          "http://www.FreeBSD.org/cgi/url.cgi?ports/net/freebsd-uucp/pkg-descr">
          <tt class="FILENAME">net/freebsd-uucp</tt></a>.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=unexpand&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">unexpand</span>(1)</span></a> now
          supports a <tt class="OPTION">-t</tt> to specify tabstops
          analogous to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=expand&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">expand</span>(1)</span></a>. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=usbdevs&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">usbdevs</span>(8)</span></a> now supports
          a <tt class="OPTION">-d</tt> flag to show the device
          driver associated with each device.</p>

          <p>The base64 capabilities of <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uuencode&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uuencode</span>(1)</span></a> and <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uudecode&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uudecode</span>(1)</span></a> can now be
          automatically enabled by invoking these utilities as <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=b64encode&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">b64encode</span>(1)</span></a> and <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=b64decode&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">b64decode</span>(1)</span></a>
          respectively. [MERGED]</p>

          <p>Functions to implement and manipulate OSF/DCE
          1.1-compliant UUIDs have been added to <tt class=
          "FILENAME">libc</tt>. More information can be found in <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uuid&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uuid</span>(3)</span></a>.</p>

          <p>The <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uuidgen&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uuidgen</span>(1)</span></a> utility has
          been added. It uses the new <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=uuidgen&sektion=2&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">uuidgen</span>(2)</span></a> system call
          to generate one or more Universally Unique Identifiers
          compatible with OSF/DCE 1.1 version 1 UUIDs.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=vidcontrol&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">vidcontrol</span>(1)</span></a> now
          accepts a <tt class="OPTION">-S</tt> to allow the user to
          disable VTY switching. [MERGED]</p>

          <p>The default stripe size in <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=vinum&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">vinum</span>(8)</span></a> has been
          changed from 256KB to 279KB, to spread out superblocks
          more evenly between stripes.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wc&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wc</span>(1)</span></a> now supports a
          <tt class="OPTION">-m</tt> flag to count characters,
          rather than bytes.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=whereis&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">whereis</span>(1)</span></a>, formerly a
          Perl script, has been rewritten in C. It now supports a
          <tt class="OPTION">-x</tt> flag to suppress the run of <a
          href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=locate&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">locate</span>(1)</span></a>, and a <tt
          class="OPTION">-q</tt> flag suppresses the leading name
          of the query.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=whereis&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">whereis</span>(1)</span></a> now supports
          a <tt class="OPTION">-a</tt> flag to report all matches
          instead of only the first of each requested type.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=which&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">which</span>(1)</span></a> is now a C
          program, rather than a Perl script.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=who&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">who</span>(1)</span></a> now has a number
          of new options: <tt class="OPTION">-H</tt> shows column
          headings; <tt class="OPTION">-T</tt> shows <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=mesg&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">mesg</span>(1)</span></a> state; <tt
          class="OPTION">-m</tt> is an equivalent to <tt class=
          "OPTION">am i</tt>; <tt class="OPTION">-u</tt> shows idle
          time; <tt class="OPTION">-q</tt> to list names in
          columns. [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wicontrol&sektion=8&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wicontrol</span>(8)</span></a> now
          supports a <tt class="OPTION">-l</tt> to list the
          stations associated in <tt class="LITERAL">hostap</tt>
          mode and a <tt class="OPTION">-L</tt> to list available
          access points.</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">xargs</span>(1)</span></a> now supports a
          <tt class="OPTION">-I</tt> <tt class=
          "REPLACEABLE"><i>replstr</i></tt> option that allows the
          user to tell <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">xargs</span>(1)</span></a> to insert the
          data read from standard input at specific points in the
          command line arguments rather than at the end. (A
          FreeBSD-specific <tt class="OPTION">-J</tt> option is
          similar.) [MERGED]</p>

          <p><a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=xargs&sektion=1&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">xargs</span>(1)</span></a> now supports a
          <tt class="OPTION">-L</tt> option to force its utility
          argument to be called after some number of lines.
          [MERGED]</p>

          <p>Various routines in the C library now have support for
          ``wide'' characters. Among these are character class
          functions such as <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wctype&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wctype</span>(3)</span></a>, wide
          character I/O functions such as <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=getwc&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">getwc</span>(3)</span></a>, formatted I/O
          functions such as <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wprintf&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wprintf</span>(3)</span></a> and <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=wscanf&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">wscanf</span>(3)</span></a>. Conversion
          functions to <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=multibyte&sektion=3&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">multibyte</span>(3)</span></a> characters
          are also supported.</p>

          <p>A number of utilities and libraries were enhanced to
          improve their conformance with the Single UNIX
          Specification (SUSv3) and IEEE Std 1003.1-2001
          (``POSIX.1''). Specific features added have been listed
          in the release notes for each utility. The standards
          conformance of each utility or library function is
          generally listed in its manual page.</p>

          <p>A number of games have been removed from the base
          system. These include: adventure(6), arithmetic(6),
          atc(6), backgammon(6), battlestar(6), bs(6), canfield(6),
          cribbage(6), fish(6), hack(6), hangman(6), larn(6),
          mille(6), phantasia(6), piano(6), pig(6), quiz(6),
          rain(6), robots(6), rogue(6), sail(6), snake(6), trek(6),
          wargames(6), worm(6), worms(6), wump(6). dm(8), which was
          used to control access to games, is no longer necessary,
          and has also been removed. The ``utility-like'' games, as
          well as <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=fortune&sektion=6&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">fortune</span>(6)</span></a>, remain.</p>

          <div class="NOTE">
            <blockquote class="NOTE">
              <p><b>Note:</b> The affected programs will reappear
              as a port in the Ports Collection. This note will
              contain a pointer to that port, once it has been
              committed.</p>
            </blockquote>
          </div>
          <br>
          <br>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN3790">2.3.1 Contributed
            Software</a></h3>

            <p><b class="APPLICATION">am-utils</b> has been updated
            to 6.0.7.</p>

            <p>A 10 February 2002 snapshot of <b class=
            "APPLICATION">awk</b> from Bell Labs (variously known
            as ``BWK awk'' or ``The One True AWK'') has been
            imported. It is available as <tt class=
            "COMMAND">awk</tt> or <tt class=
            "COMMAND">nawk</tt>.</p>

            <p><b class="APPLICATION">BIND</b> has been updated to
            8.3.3. [MERGED]</p>

            <p><b class="APPLICATION">Binutils</b> has been updated
            to a pre-release snapshot of 2.13.1 from 11 October
            2002.</p>

            <p><b class="APPLICATION">file</b> has been updated to
            3.39.</p>

            <p><b class="APPLICATION">gcc</b> has been updated to a
            pre-release snapshot of <b class="APPLICATION">gcc</b>
            3.2.1, from 9 October 2002.</p>

            <div class="WARNING">
              <blockquote class="WARNING">
                <p><b>Warning:</b> The C++ ABI from <b class=
                "APPLICATION">gcc</b> 3.2.<tt class=
                "REPLACEABLE"><i>X</i></tt> is not compatible with
                previous versions.</p>
              </blockquote>
            </div>
            <br>
            <br>

            <p><b class="APPLICATION">gdb</b> has been updated to
            version 5.2.1.</p>

            <p><b class="APPLICATION">gperf</b> has been updated to
            2.7.2.</p>

            <p><b class="APPLICATION">groff</b> and its related
            utilities have been updated to FSF version 1.18.1.</p>

            <p><b class="APPLICATION">Heimdal Kerberos</b> has been
            updated to a pre-0.5 snapshot from 16 September
            2002.</p>

            <p>The <b class="APPLICATION">ISC DHCP</b> client has
            been updated to 3.0.1RC9.</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=more&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">more</span>(1)</span></a> command has
            been replaced by <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=less&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">less</span>(1)</span></a>, although it
            can still be run as <tt class="COMMAND">more</tt>.
            [MERGED] Version 371 of <b class="APPLICATION">less</b>
            has been imported.</p>

            <p>An XML processing library, named <tt class=
            "FILENAME">libbsdxml</tt>, has been added for the
            benefit of XML-using utilities in the base system. It
            is based almost entirely on an import of <b class=
            "APPLICATION">expat</b> 1.95.5, but is installed under
            a different name to avoid conflicts with any versions
            of <b class="APPLICATION">expat</b> installed from the
            Ports Collection.</p>

            <p><b class="APPLICATION">libpcap</b> has been updated
            to 0.7.1. [MERGED]</p>

            <p><b class="APPLICATION">libreadline</b> has been
            updated to 4.2.</p>

            <p><b class="APPLICATION">libz</b> has been updated to
            1.1.4.</p>

            <p><b class="APPLICATION">lint</b> has been updated to
            snapshot of NetBSD <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=lint&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">lint</span>(1)</span></a> as of 19 July
            2002.</p>

            <p><b class="APPLICATION">lukemftp</b> 1.6 beta 2 (the
            FTP client from NetBSD) has replaced the FreeBSD <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=ftp&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">ftp</span>(1)</span></a> program. Among
            its new features are more automation methods, better
            standards compliance, transfer rate throttling, and a
            customizable command-line prompt. Some environment
            variables and command-line arguments have changed.</p>

            <p>The FTP daemon from NetBSD, otherwise known as <b
            class="APPLICATION">lukemftpd</b> 1.2 beta 1, has been
            imported and is available as <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=lukemftpd&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">lukemftpd</span>(8)</span></a>.
            [MERGED]</p>

            <p><a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=m4&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">m4</span>(1)</span></a> has been
            imported from OpenBSD, as of 26 April 2002.
            [MERGED]</p>

            <p><b class="APPLICATION">ncurses</b> has been updated
            to 5.2-20020615.</p>

            <p>The <b class="APPLICATION">NTP</b> suite of programs
            has been updated to 4.1.1b.</p>

            <p><b class="APPLICATION">OpenPAM</b> (``Citronella''
            release) has been imported, replacing <b class=
            "APPLICATION">Linux-PAM</b>.</p>

            <p>The <b class="APPLICATION">OPIE</b>
            one-time-password suite has been updated to 2.4. It has
            completely replaced the functionality of <b class=
            "APPLICATION">S/Key</b>. [MERGED]</p>

            <p><b class="APPLICATION">Perl</b> has been removed
            from the FreeBSD base system. It can still be installed
            from the FreeBSD Ports Collection or as a binary
            package; moving it out of the base system will make
            future upgrades and maintenence easier. To reduce the
            dependence of the base system on Perl, many utilities
            have been rewritten as shell scripts or C programs
            (specific notes are made for each affected utility).
            <tt class="FILENAME">/usr/bin/perl</tt> is now a
            ``wrapper'' program, so that programs expecting to find
            a Perl interpreter there will be able to function
            correctly.</p>

            <div class="WARNING">
              <blockquote class="WARNING">
                <p><b>Warning:</b> The Perl removal and package
                integration work is ongoing.</p>
              </blockquote>
            </div>
            <br>
            <br>

            <p><b class="APPLICATION">GNU ptx</b> has been removed
            from the base system. It is not used anywhere in the
            base system, and has not been recently updated or
            maintained. Users requiring its functionality can
            install this utility as a part of the <a href=
            "http://www.FreeBSD.org/cgi/url.cgi?ports/textproc/textutils/pkg-descr">
            <tt class="FILENAME">textproc/textutils</tt></a>
            port.</p>

            <p>The <tt class="LITERAL">rc.d</tt> framework from
            NetBSD has been imported. It breaks down the system
            startup functionality into a number of small,
            ``task-oriented'' scripts in <tt class=
            "FILENAME">/etc/rc.d</tt>, with dynamic-determined
            ordering of startup scripts performed at boot-time.</p>

            <p><b class="APPLICATION">GNU sort</b> has been updated
            to the version from <b class="APPLICATION">GNU
            textutils 2.0.21</b>.</p>

            <p><a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=stat&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">stat</span>(1)</span></a> from <b
            class="APPLICATION">NetBSD</b>, as of 5 June 2002 has,
            been imported.</p>

            <p><b class="APPLICATION">GNU tar</b> has been updated
            to 1.13.25. [MERGED]</p>

            <p><b class="APPLICATION">tcpdump</b> has been updated
            to 3.7.1. [MERGED]</p>

            <p>The <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=csh&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">csh</span>(1)</span></a> shell has been
            replaced by <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=tcsh&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">tcsh</span>(1)</span></a>, although it
            can still be run as <tt class="COMMAND">csh</tt>. <b
            class="APPLICATION">tcsh</b> has been updated to
            version 6.12. [MERGED]</p>

            <p>The contributed version of <b class=
            "APPLICATION">tcp_wrappers</b> now includes the <a
            href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=tcpd&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">tcpd</span>(8)</span></a> helper
            daemon. While not strictly necessary in a standard
            FreeBSD installation (because <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">inetd</span>(8)</span></a> already
            incorporates this functionality), this may be useful
            for <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=inetd&sektion=8&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">inetd</span>(8)</span></a> replacements
            such as <b class="APPLICATION">xinetd</b>. [MERGED]</p>

            <p><b class="APPLICATION">texinfo</b> has been updated
            to 4.2. [MERGED]</p>

            <p><b class="APPLICATION">top</b> has been updated to
            version 3.5b12. [MERGED]</p>

            <p><b class="APPLICATION">traceroute</b> has been
            updated to LBL version 1.4a12.</p>

            <p>The timezone database has been updated to the <tt
            class="FILENAME">tzdata2002d</tt> release. [MERGED]</p>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="AEN3983">2.3.1.1
              CVS</a></h4>

              <p><b class="APPLICATION">cvs</b> has been updated to
              1.11.2. [MERGED]</p>
            </div>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="AEN4006">2.3.1.2
              CVSup</a></h4>
            </div>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="KAME-USERLAND">2.3.1.3
              KAME</a></h4>
            </div>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="AEN4049">2.3.1.4
              OpenSSH</a></h4>

              <p><b class="APPLICATION">OpenSSH</b> has been
              updated to version 3.1. [MERGED] Among the
              changes:</p>

              <ul>
                <li>
                  <p>The <tt class="FILENAME">*2</tt> files are
                  obsolete (for example, <tt class=
                  "FILENAME">~/.ssh/known_hosts</tt> can hold the
                  contents of <tt class=
                  "FILENAME">~/.ssh/known_hosts2</tt>).</p>
                </li>

                <li>
                  <p><a href=
                  "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-keygen&sektion=1&manpath=FreeBSD+5.0-current">
                  <span class="CITEREFENTRY"><span class=
                  "REFENTRYTITLE">ssh-keygen</span>(1)</span></a>
                  can import and export keys using the SECSH Public
                  Key File Format, for key exchange with several
                  commercial SSH implementations.</p>
                </li>

                <li>
                  <p><a href=
                  "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-add&sektion=1&manpath=FreeBSD+5.0-current">
                  <span class="CITEREFENTRY"><span class=
                  "REFENTRYTITLE">ssh-add</span>(1)</span></a> now
                  adds all three default keys.</p>
                </li>

                <li>
                  <p><a href=
                  "http://www.FreeBSD.org/cgi/man.cgi?query=ssh-keygen&sektion=1&manpath=FreeBSD+5.0-current">
                  <span class="CITEREFENTRY"><span class=
                  "REFENTRYTITLE">ssh-keygen</span>(1)</span></a>
                  no longer defaults to a specific key type; one
                  must be specified with the <tt class=
                  "OPTION">-t</tt> option.</p>
                </li>
              </ul>
              <br>
              <br>

              <p><b class="APPLICATION">OpenSSH</b> has been
              updated to 3.4p1. [MERGED] The main changes are:</p>

              <ul>
                <li>
                  <p>A ``privilege separation'' feature, which uses
                  unprivileged processes to contain and restrict
                  the effects of future compromises or programming
                  errors.</p>
                </li>

                <li>
                  <p>Several bugfixes, including closure of a
                  security hole that could lead to an integer
                  overflow and undesired privilege escalation.</p>
                </li>
              </ul>
              <br>
              <br>
            </div>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="AEN4139">2.3.1.5
              OpenSSL</a></h4>

              <p><b class="APPLICATION">OpenSSL</b> has been
              updated to 0.9.6g. [MERGED]</p>
            </div>

            <div class="SECT4">
              <hr>

              <h4 class="SECT4"><a name="AEN4148">2.3.1.6
              sendmail</a></h4>

              <p><b class="APPLICATION">sendmail</b> has been
              updated from version 8.9.3 to version 8.12.6.
              Important changes include: <a href=
              "http://www.FreeBSD.org/cgi/man.cgi?query=sendmail&sektion=8&manpath=FreeBSD+5.0-current">
              <span class="CITEREFENTRY"><span class=
              "REFENTRYTITLE">sendmail</span>(8)</span></a> is no
              longer installed as a set-user-ID <tt class=
              "USERNAME">root</tt> binary (now set-group-ID <tt
              class="GROUPNAME">smmsp</tt>); new default file
              locations (see <tt class=
              "FILENAME">/usr/src/contrib/sendmail/cf/README</tt>);
              <a href=
              "http://www.FreeBSD.org/cgi/man.cgi?query=newaliases&sektion=1&manpath=FreeBSD+5.0-current">
              <span class="CITEREFENTRY"><span class=
              "REFENTRYTITLE">newaliases</span>(1)</span></a> is
              limited to <tt class="USERNAME">root</tt> and trusted
              users; STARTTLS encryption; and the MSA port (587) is
              turned on by default. See <tt class=
              "FILENAME">/usr/src/contrib/sendmail/RELEASE_NOTES</tt>
              for more information. [MERGED]</p>

              <p>By default, <a href=
              "http://www.FreeBSD.org/cgi/man.cgi?query=rc&sektion=8&manpath=FreeBSD+5.0-current">
              <span class="CITEREFENTRY"><span class=
              "REFENTRYTITLE">rc</span>(8)</span></a> no longer
              enables <b class="APPLICATION">sendmail</b> for
              inbound SMTP connections. Note that <a href=
              "http://www.FreeBSD.org/cgi/man.cgi?query=sysinstall&sektion=8&manpath=FreeBSD+5.0-current">
              <span class="CITEREFENTRY"><span class=
              "REFENTRYTITLE">sysinstall</span>(8)</span></a> may
              override this default for a binary installation,
              based on what security profile is selected. This
              functionality can also be manually enabled by adding
              the following line to <tt class=
              "FILENAME">/etc/rc.conf</tt>:</p>
<pre class="PROGRAMLISTING">
    sendmail_enable="YES"
</pre>

              <p>The permissions for <b class=
              "APPLICATION">sendmail</b> alias and map databases
              built via <tt class=
              "FILENAME">/etc/mail/Makefile</tt> now default to
              mode 0640 to protect against a file locking local
              denial of service. It can be changed by setting the
              new <tt class="VARNAME">SENDMAIL_MAP_PERMS</tt> <tt
              class="FILENAME">make.conf</tt> option. [MERGED]</p>

              <p>The permissions for the <b class=
              "APPLICATION">sendmail</b> statistics file, <tt
              class="FILENAME">/var/log/sendmail.st</tt>, have been
              changed from mode 0644 to mode 0640 to protect
              against a file locking local denial of service.
              [MERGED]</p>
            </div>
          </div>

          <div class="SECT3">
            <hr>

            <h3 class="SECT3"><a name="AEN4249">2.3.2
            Ports/Packages Collection Infrastructure</a></h3>

            <p><b class="APPLICATION">BSDPAN</b>, a collection of
            modules that provides tighter integration of <b class=
            "APPLICATION">Perl</b> into the FreeBSD Ports
            Collection, has been added.</p>

            <p>For some time, FreeBSD 5.0-CURRENT (as well as some
            4.X releases) included a pkg_update(1) utility to
            update installed packages, as well as their
            dependencies. This utility has been removed; a superset
            of its functionality can be found in the <a href=
            "http://www.FreeBSD.org/cgi/url.cgi?ports/sysutils/portupgrade/pkg-descr">
            <tt class="FILENAME">sysutils/portupgrade</tt></a>
            port.</p>

            <p><a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=pkg_version&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">pkg_version</span>(1)</span></a>,
            formerly a Perl script, has been rewritten in C.</p>

            <p>The Ports Collection infrastructure now uses <b
            class="APPLICATION">XFree86</b> 4.2.1 as the default
            version of the X Window System for the purposes of
            satisfying dependencies. To return to using <b class=
            "APPLICATION">XFree86</b> 3.3.6, add the following line
            to <tt class="FILENAME">/etc/make.conf</tt>:
            [MERGED]</p>
<pre class="PROGRAMLISTING">
    XFREE86_VERSION=3
</pre>

            <p>The libraries installed by the <a href=
            "http://www.FreeBSD.org/cgi/url.cgi?ports/emulators/linux_base/pkg-descr">
            <tt class="FILENAME">emulators/linux_base</tt></a> port
            (required for Linux emulation) have been updated; they
            now correspond to those included with <b class=
            "APPLICATION">Red Hat Linux</b> 7.1. [MERGED]</p>

            <p>By default, packages generated by the Ports
            Collection (as well as the packages on the FTP sites)
            are now compressed using <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=bzip2&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">bzip2</span>(1)</span></a>, rather than
            <a href=
            "http://www.FreeBSD.org/cgi/man.cgi?query=gzip&sektion=1&manpath=FreeBSD+5.0-current">
            <span class="CITEREFENTRY"><span class=
            "REFENTRYTITLE">gzip</span>(1)</span></a>. (Thus, they
            now have a <tt class="FILENAME">.tbz</tt> extension,
            rather than a <tt class="FILENAME">.tgz</tt>
            extension.) The package tools have been updated to
            handle the new format.</p>
          </div>
        </div>

        <div class="SECT2">
          <hr>

          <h2 class="SECT2"><a name="AEN4361">2.4 Release
          Engineering and Integration</a></h2>

          <p>The <tt class="FILENAME">bin</tt> distribution has
          been renamed <tt class="FILENAME">base</tt>, in order to
          make creation of combined install/recovery disks
          easier.</p>

          <p>It is now possible to make releases of FreeBSD
          5-CURRENT on a FreeBSD 4-STABLE host and vice versa.
          Cross-architecture (building a release for a target
          architecture on a host of a different architecture)
          releases are also possible. See <a href=
          "http://www.FreeBSD.org/cgi/man.cgi?query=release&sektion=7&manpath=FreeBSD+5.0-current">
          <span class="CITEREFENTRY"><span class=
          "REFENTRYTITLE">release</span>(7)</span></a> for details.
          [MERGED]</p>

          <p>A third <tt class="FILENAME">drivers.flp</tt> floppy
          has been added to floppy releases. It holds loadable
          modules containing drivers that do not fit in the kernel
          on the <tt class="FILENAME">kern.flp</tt> disk or in the
          <tt class="FILENAME">mfsroot.flp</tt> image.</p>
        </div>

        <div class="SECT2">
          <hr>

          <h2 class="SECT2"><a name="AEN4386">2.5
          Documentation</a></h2>

          <p>A number of formerly-encumbered documents from the 4.4
          BSD Programmer's Supplementary Documents have been
          restored to <tt class="FILENAME">/usr/share/doc/psd</tt>.
          These include:</p>

          <ul>
            <li>
              <p><span class="emphasis"><i class="EMPHASIS">The
              UNIX Time-Sharing System</i></span> (<tt class=
              "FILENAME">01.cacm</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">UNIX
              Implementation</i></span> (<tt class=
              "FILENAME">02.implement</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">The
              UNIX I/O System</i></span> (<tt class=
              "FILENAME">03.iosys</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">UNIX
              Programming -- Second Edition</i></span> (<tt class=
              "FILENAME">04.uprog</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">The C
              Programming Language -- Reference Manual</i></span>
              (<tt class="FILENAME">06.Clang</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">Yacc:
              Yet Another Compiler-Compiler</i></span> (<tt class=
              "FILENAME">15.yacc</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">Lex --
              A Lexical Analyzer Generator</i></span> (<tt class=
              "FILENAME">16.lex</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">The M4
              Macro Processor</i></span> (<tt class=
              "FILENAME">17.m4</tt>)</p>
            </li>
          </ul>

          <p>Several formerly-encumbered documents from the 4.4 BSD
          User's Supplementary Documents have been restored to <tt
          class="FILENAME">/usr/share/doc/usd</tt>. They
          include:</p>

          <ul>
            <li>
              <p><span class="emphasis"><i class=
              "EMPHASIS">NROFF/TROFF User's Manual</i></span> (<tt
              class="FILENAME">21.troff</tt>)</p>
            </li>

            <li>
              <p><span class="emphasis"><i class="EMPHASIS">A TROFF
              Tutorial</i></span> (<tt class=
              "FILENAME">22.trofftut</tt>)</p>
            </li>
          </ul>
        </div>
      </div>

      <div class="SECT1">
        <hr>

        <h1 class="SECT1"><a name="AEN4434">3 Upgrading from
        previous releases of FreeBSD</a></h1>

        <p>Users with existing FreeBSD systems are <span class=
        "emphasis"><i class="EMPHASIS">highly</i></span> encouraged
        to read the ``Early Adopter's Guide to FreeBSD 5.0''. This
        document generally has the filename <tt class=
        "FILENAME">EARLY.TXT</tt> on the distribution media, or any
        other place that the release notes can be found. It offers
        some notes on upgrading, but more importantly, also
        discusses some of the relative merits of upgrading to
        FreeBSD 5.<tt class="REPLACEABLE"><i>X</i></tt> versus
        running FreeBSD 4.<tt class=
        "REPLACEABLE"><i>X</i></tt>.</p>

        <div class="IMPORTANT">
          <blockquote class="IMPORTANT">
            <p><b>Important:</b> Upgrading FreeBSD should, of
            course, only be attempted after backing up <span class=
            "emphasis"><i class="EMPHASIS">all</i></span> data and
            configuration files.</p>
          </blockquote>
        </div>
      </div>
    </div>
    <hr>

    <p align="center"><small>This file, and other release-related
    documents, can be downloaded from <a href=
    "http://snapshots.jp.FreeBSD.org/">http://snapshots.jp.FreeBSD.org/</a>.</small></p>

    <p align="center"><small>For questions about FreeBSD, read the
    <a href="http://www.FreeBSD.org/docs.html">documentation</a>
    before contacting &#60;<a href=
    "mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.</small></p>

    <p align="center"><small><small>All users of FreeBSD 5-CURRENT
    should subscribe to the &#60;<a href=
    "mailto:current@FreeBSD.org">current@FreeBSD.org</a>&#62;
    mailing list.</small></small></p>

    <p align="center">For questions about this documentation,
    e-mail &#60;<a href=
    "mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</p>
    <br>
    <br>
  </body>
</html>

